last executing test programs:

50.041289728s ago: executing program 1:
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x11)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000180)={[{@enospc_debug}, {@clear_cache}, {@thread_pool={'thread_pool', 0x3d, 0x1}}, {@space_cache}, {@datasum}]}, 0x3, 0x50d4, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PN61+vdDUHKQxYxL0N+ktdrOw7WLyCcVBEIpGQtov6DQtbYm9TxBhs/Co4s1RhUlCKEC66IQh+2RFSnEsgqbXmEEosqQVUtGoU2fziPpgWEKkGjFNclSiRX986c2bln9j78WNsbPh/Je8+933POzDn33vGcmblnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgt8PV373hy+3i7/jR1796U+8HXvjBbw6u/9I9ky+FMNV4vScL97zvzHNnrvvU7Ru+d/s3Hjk9fudDg3m5PB6W1v/05k8+F2v92bIQvt0TQn8aWDWSBQby5yOxvuUjIVwV5gJFiZnhrES64PDkUAhHwlygqOq7QyGMlAJ3PfPDJ75YTxweCuGdIYRauowXatkyhtLAysEsMJwGdvRngf89mykC3+nNAnDB4peh+NAfn2rOMD5/uRafv4GLtmKXV9q8vpgYb53vV7cu8EqVDKYvTF3Q21apjgVR+Xqc8G1bBN+2Sj8f8raVd6TyPZSzc6Fa6N06c+/mvbN74iu9YWKir1VNC/Q+n3pl/5ZzSS+az2FcgfGL8jm8//DNzw5+7I4XH3n98f2na19bfqGr2ap7F1ot5J+5RfM+RhttTxbB16+yl7TCTlcI4fSJk/vbxSvj//H24//4cY6PvU25Y62vjWZj8/jKSEy8PJqNzQEAAGDRWAxHTQdX/OtP29VXGf+v6O78fzzlnw/ms9aeCGFjI/HZsRCubbyeBR6Li/v4WAhvbaSmmgO3JoETIVzXSNxYVJWUWBJLrEgCvxjNAxuTwFMxMJUEHo2BQ0ngczFwPAlsiYETSeC2GAjbmtvx/0bzdnQdGIqB6awTj8erEH49GpeW9NVzRVUAAAAXST46HGh+WrrW4UIzxOHl8aFOGeIV2C0z1JIa0hFsMaxqWUN/pxp6O9VQtPtA++ZXau7pVHPlMoye5gz/c+qaHaGNyvh/sv34vzbPivRUzv+HyU2Nh5i7N4/MFhmmp5oyAAAAABfg9948vbldvDL+39jd9f/xmEhfKXM4GQ9DbB8LYbI5kFV7SzWQnfVemgcAAABgMSjOxxfnwrflj9kl2ul4upp/6hzzxxP/G+fNv+PH//J4u/WtjP+nurv+f7j5MVuJp+JafGUshCWlwI/iWtYDDSti4KX3Nwfy9j8VO+ALsar8woSiqi/EEtMxMJkEjrQq8XRR4trmQP5mFQv/bNGObXmJUgAAAAAuuXg4IJ6Xj9f/r/nbP3yyXbnK+H/63K7/b4yDK5f3zy4NYXV/CH3pDwNODmcTA8bASE+e+PvhrK6+tKqDwyHcUm9YWtV/5PP/96dzDP5kKKsqBq5927FXVtYTXx8KYXU58OxHj66vJ/YmgWLhvzsUwg311qYL/7sl2cIH0oU/vCSEt5QCRVVbloRQX9hgWtU/1PL7GKRVHa+FcHUpUFT1nloI+wIAi1X8v3Rr+cXd+x7cvnl2dmbXAibiQfyhcO+22ZmJLTtmt9ZarNPWZJ2b5jH6TLVN3d765vk4R9Hdx8a6SRc/FJwsLys/kF+5cjB/HneGBhrtXDvQ9HRd2uR3v726iFDalWrV5N4FbvJwuZK5N7FSf8w/GJaGJXt3z+ya+PTmPXt2rcn+dpt9bfY3nmfK+mpN2lfD861bFx+PltNlJc63r1aWK1m954Gdq3fve3DVtgc23zdz38wnNkyuW7vh5sn171ldb9Rk9rdDS1fOV3PS0rNHu2zWRWzp9f2lSi7FRkNCQmKxJQYH7jzVbvNTGf/vbD/+j1uduOHP52dodf5/PJ7mz16fO80/HQNHuj3/P97qbH5xYcCKJHAgBg44zQ8AAMAbQzwcGY9mxoPSB971wvvalauM/w909/v/izT/fzF1/YdaTfN/Yywx2Wr+/3Sa/2L+/wOt5v9Pp/kv5v8/chnm/99bBJIu+bX5/wEAgDeCSzf/f8fp/dMbBFQydJzeP71BQCVDx2n8u71BwDnP//83v1yzPrRRGf8f6m78b+J+AAAAuHJcc9sNP24Xr4z/j3Q3/r/08/+FVtf/r2gVmGo1MaD5/wAAAFikWs3/98xHdr6/XbnK+P94d+P/eNlFb1PuWOtro9mcdiGd0+7l0eInAwAAALA49IaJiYEu8zZNjHrr+S/zVJwKtE267NDnj53b7/9PdDf+b/pdxv2Hb3528GN3vPjaI68/vv907WvL587/AwAAAAun2+MSAAAAAAAAAAAAAADA5ffo1d+ad16AqPL7/7Cp8Xqr3//H+/413TTxTD4Z4IE4s/6XxkzzBwAAAAvroVtffTj+u+/Lf/Rf7fJWxv/j3Y3/4/0F8vvgZbfeOxHv//fZsRAat9YbzwKPxcV9fCyEtzZSU7FEdkO9D8USk1ngsThh4o2xxPRUc1VLYuB4EvjFaB44kQSeioH8KMWxeGPAPx4NYX0jtam5xM5YYjwJ3BkDK5LARAxMJoFlMbAxCfxyWR6YSgL/FAP5zQeLvvrWsryvAAAAzkU+zhpofhrScd7x/k4Zejpl6LiI4U4ZejtlqLXIEJ//dVyHgfJ8/HmG+NJAWutQUkslQ7wZ3vk3vZiu7+nmnGnByqL7YsHx5pwxw85/vukroY3K+H9Fd+P/y3j///Ru/htjYEUS2BkDG5PA9KY8cOSa5oD7/wMAAHBla3X//9G3/NWhduUq4//J7sb/8UDEm5tyx1o73/8/f37Xh7+5r7HKJ0dDeHs5sP3g9qvqiUdHQ3hXOfDE3Tc2Ru0H0xLff/G2n9cT96SBD65605l64r1JYDp20nVpIB5VObMsCcTu/UkaiP1xPA0M5oGHlmXt6En76j9Hsr7qSfvq1Eh2eUVP2lffHsmW0ZM28HASKBr4yTQQG3hHHuhN1+qbS7O1ioGRWPQvlhYXfQAAcGWKe4ED4d5tszOT6U94r+9vfoyabln+mWq1PV0u/vl4a/K7j411k+5L90VrRVUDoVZvwprK7mo5S0+jlRenlg5d9+YWTe50t/feFuVS59p1g61bNJS1aGLLjtmtAx0bvq5zlrX9HbOsqQx2yll6G13aRS1drEsXLeqyb7pY5fi8N0xM9CW5/n8MjocmnT4R3d6vr3yf/1afgnKeo5//91fb1VcZ/2/sbvwf27M0lD7On4u1/mxZCN/umTsaUQRWjWSB2NyRODxePhLCVaV+KErMDGclBpMFhyeHshHqYFrVd4eyYwzx+V3P/PCJL9YTh4dCeGfpvSqW8UItW8ZQGlg5mAWG08CO/iwQr/woAt/pzQJwwYqNQvxA5T91KYzPX67F5++Nck/QtHmVa6DmyTffNneh1NIX8muqCuf2tlWqY0FUvh4nfNsW47ct+LaVd6TyPZSzc6Fa6N06c+/mvbN74ivlPdmKBXqfy3up3aQvwufwwPmvbWe1dAUmk83H5Pzl5v8c9sTq7j9887ODH7vjxUdef3z/6drXlne9Gi3EgcKT//2mq8rdu9BqIf/MLbrtyZTtyWL8b2Dc2xZCOPTnQ59sF6+M/6e6G//3J48Nr8bO3D0WwrtLnXsydv/vjGXbwVIg20peXQ1kl9z/dLTllhMAAAAutuJwR3G8YFv+mP0gPB0nV/NPnWP+eLxi47z5u13v/U/+/mPt4pXx/3T78f+SZDWd/3f+nwXi/P+8rvRD0UvSFw5c0KHoSnUsCOf/53Wlf9uc/5+X8//O/8/H+f8OnP+f15X+tlX2knba6QohnL1+4OF28cr4f2d34//fsvn/09n8i/n/00n7i/n/p1vN/7+z1fz/B8z/DwAALKgWE82n47zK5PyVDOnk/JUMPUmGc7/FQMdp9M3/n87/f/DPbtkT2qiM/w90N/6PH4eR8tIXy/z/45talNi4qXl1i8ChGNjpjgEAAABcRvEAQbzovdsZJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhYd7x6ZnO7+Dt+9PWv3tT7gRd+8JuD6790z+RLIWxrvN6ThXved+a5M9d96vYN37v9G4+cHr/zoVpebiB/XN6UO9b62mgIR0qvjMTEy6P1J3OBuz78zX399cTJ0RDeXg5sP7j9qnri0dEQ3lUOPHH3jdfUEwfTEt9/8baf1xP3pIEPrnrTmXrivXmgJ13dP12WrW5PurpfXBbCWClQrO79y5qrKpbxgTzQmy7jL0eyZcTASCz68Ei2jBiYjSW2LQlhdX8IfWlV/1jLqupLq/peLauqL63qD2oh3BJC6E+r+rfBrKr+tOVPD2ZVxcC1bzv2ysp64uhgCKvLgWc/enR9PbErCRQL/8hgCDfUPzLpwr81kC18IF34nwyE8JZSoKhqeiCE+sIG06pO9GdVDaZVfaM/hKtLgaKqm/pD2Be4XOKGZGv5xd37Hty+eXZ2ZtcCJgbzZQ2Fe7fNzkxs2TG7tZasUys9pfTZz5x/259/Zf+WRuLuY2PdpIv1miyvy9NTlRfLz/vzpwONdq4daHq6brE0ebhcydybWKk/5h8MS8OSvbtndk18evOePbvWZH+7zb42+9uXR7O+WrNY+mpluZLVex7YuXr3vgdXbXtg830z9818YsPkurUbbp5c/57V9UZNZn8vRkuPXvqWXt9fquRSbDQkJCQWW6K3aes2eaVvxys7+nMrOhBqjQ10ZVhRztLTaOXFaPSt59Ha3Lk2ujIkqbRoTWXgUMmytnOWdZUxw1yWoSxLY1+wMjgs19Tb6NL4vDdMTPS16ofx5qfl7v3VBXTvqdh1XaYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//Qczu7Q==")
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000040))

46.44263701s ago: executing program 1:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r1 = syz_io_uring_setup(0xfb, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000100)=<r2=>0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
read$FUSE(r4, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/udp\x00')
read$FUSE(0xffffffffffffffff, &(0x7f00000061c0)={0x2020}, 0x2020)
lchown(0x0, 0x0, 0x0)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x63, 0x0, &(0x7f0000002600))
socket(0x28, 0x5, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x13)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(0x0, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r7, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r1, 0x46f6, 0x0, 0x0, 0x0, 0x0)
write(r6, &(0x7f0000000200)='~', 0x1)
bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "0f03c8c7e8da000000000000ffffff017f000000cce67e1d0000e565aa9a9d32c7627ffe7a54cdbd77b3000000000000000000060000000000000000deff00", 0x17}, 0x60)

42.191399661s ago: executing program 1:
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x6c, 0x79, 0x8, 0x10, 0x14aa, 0x22b, 0x8e53, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x34, 0xcf, 0x82}}]}}]}}, 0x0)

41.181903487s ago: executing program 0:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000e20850000007000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='jbd2_handle_stats\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)

40.712092239s ago: executing program 4:
r0 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000200)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000180)="a1c634a0758c", 0x0, 0x0, 0x4, 0x0, 0x0})

40.607607324s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000000000000000000000000100000f01d00ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

40.347782214s ago: executing program 0:
syz_mount_image$hfsplus(&(0x7f0000002380), &(0x7f0000000000)='./file0\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYBLOB="6e6f6465636f6d706f73652c6465636f6d706f73652c756d61736b3d30313737373737373737373737373737373737373737372c6e6f6465636f6d706f73652c6e6f626172726965722c747970653de5f2875e2c6e6c733d63703836322c00"], 0x3, 0x63c, &(0x7f00000023c0)="$eJzs3U1sG1kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbD2UhXCgfQjmsUFUOnKPWbay6aZW4KK0QCl/iwIVDxbkccuOE1HukcoYL6jXHSqBeekC5Gc147DjNl/NVO9vfrxq/9/zevPnP357x2FU0Abyz5ieiuBFJzE98sZq2N9dnapvrM0N5dy0i0nohotgsIlmKSJ43u6+lD19Ln8zHJ/tt50l17saL15svm61ia+WklNaG91/vMM0V1/IlxiNiIC93G+x21h3z3dx3vr389097B9kMNN3ny63EQa81dlk7yurHPm6B/pE0Pzd3GY0YyT6hm9cBkZ8dCm83utN3pLMcAAAAnFPvbcXWWqPR6HUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcJ7k9/9P8qXQqo9H0rr/f6ljeKmHoZ6KjV4HAAAAAAAAAADH0hjobH1jK7ZiNS60e5Ps//w/zRpj2eNX4mGsRCWW40qsxkLUox7LMRURox0TlVYX6vXlqS7WnN5zzekz3WkAAAAAAAAA+LL7bcxv//8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0gyRioFlky1irPhqFYkQMR0QpHbcW8a9W/Tzb6HUAAAAA8Ba8txVbsRoXWu1Gkn3n/yj73j8cD2Mp6lGNetSiErey3wKa3/oLm+sztc31mXvpsnvev/yvkekyjGzGaP72sPeWL2UjynE7qtkzV+Jm3I9auXOWS6149o7rN6/SuX+Q6zKyW3mZ7vmf87I/jGYZGWxnZDKPLc3j+wdn4oevTrSlqSi0f/kZO4Ocj+RlsqMcOFLMZ+PNTExHIct36qODMxHxzWd/+8Vibenu4u2Vif55Gx1TMxONRjMTQ1mrlYmP36lMTGb7frHdno+fxs9jIsbjeixHNX4ZC1GPSozHT7LaQv5+Th9H38hUYefU13a0rh8WSSl/XZpHytFi+jRb90JU42dxP25FJT7P/k3HVHw3ZmM25jpe4YtdHPWFox31l7+VV9JT+h/zsj+keX2/I6+d59zRrK/zme0sfXD658bi1/NKuo3fRcSPT3E/T+bNTKSfEs++2uz78OBM/DW7TlipLd1dXlx40OX2PsvL9Dj6Q199Mqfvlw/SFytr7Xx3pH0f7tk3lfWNtfsKu/outvsOO1JL+TXc7pmms76P9+ybyfoudfTtut5qXw8B0MdGvj1SKv+n/M/y0/Lvy4vlL4Z/NPS9oU9KMfiPwe8XJwc+K3yS/D2exq+3v/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHt/Lo8d2FWq2yfGglyW7+H9HV4I5K63ZOBw9O8hv5HGVmlVqtMhwHj2ndr68PQm1Xav/eEU/S63j6oTLUb2/+3p2TgLfjav3eg6srjx5/p3pv4U7lTmVpcHZ2bnJu9vOZq7ertYFIHyuTvY4SOAvbH/q9jgQAAAAAAAAAAADo1sF/BjCYjzrZnxP0eBcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAc25+IoobkcTU5JXJtL25PlNLl1Z9e2QxIgoRkfwqInkecS2aS4x2TJfst50n1bkbL15vvtyeq9gaXzhove6s5UuMR8RAXp7WfDdPPF/S3sM0YZdLJwsOTs3/AwAA//8+wAVR")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9}}, 0x50)
read$FUSE(r0, &(0x7f0000004580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x541b, 0x0)

40.227485693s ago: executing program 0:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000000)={[{@name={'name', 0x3d, '--'}}, {@name={'name', 0x3d, '--'}}]})

40.170566111s ago: executing program 4:
syz_open_dev$vcsn(&(0x7f0000000280), 0x0, 0x80)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x800000, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
setrlimit(0xe, &(0x7f0000000380)={0xbe, 0x7fff})
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000400), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x28011, 0xffffffffffffffff, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r5, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0x2, 0x4e33, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, 0x0}}], 0x2, 0x0)
socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, <r6=>0x0}, &(0x7f00000001c0)=0xc)
lchown(&(0x7f0000000100)='./file0\x00', r6, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600013, 0x15)
r7 = creat(&(0x7f0000000280)='./file1\x00', 0x0)
sendmmsg$unix(r3, &(0x7f0000000340)=[{{&(0x7f0000000200)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000480)="55a5c3adb008a599a69afb189ab163e4bd9496fd180aa2dc4cf7b3c453185a4be105d2c1a27ddf21d4623c924cf1b054c702bfb4fefcb8db626c5b8f086672c8a187612db3fbcff15e080a31fcb7ed0f0b675f0b7dd593e34f8eeda958aef6d29447323d29c1f06ca393eb31dd65b0bb8b35e1400d48fced29d5dd556e3190b6581ebe59c7fc7ab583ac800ec958c12df551dd5c95b07e13003c7a2b101faf4e9c18bbc0de1734bdb6463b81ca70c0f0051e43d36553045e0c2cfc13282acf0b86b106f91c20db6b03b60f1b8a64eaabaf687b5acaaf", 0xd6}, {&(0x7f0000001740)="c2fe2980bd92a4a54d03e3f776956080ce9107a9d1cc551fe1b5c349a3e47abcb5bf76a395df0bb6307dfe6e13985d5677d4c53cae87e4678c82282abdcc8aaa620ad0cd8394939ec6e1ebbef8357fa282e2d83667f173906273ced44a9bb2868f74a4d98d46dcbd286826ef8348a51d74dd7e59568d708d0844b684024e080244a176ba4af838c88681a9cabb17c92ff514cba262b2867b135042711c064810583e0c40e856d20cb8a3828f164bc9cbcb25dfa3f75c21d776b64c1d079cd007a67062dc48cf945a4098778cc7220653d4e63b7b11aa0099e1ddb87fa7872ec9236330d6d16217a9d0b93a5edda5c98dc5fb5d9863cc4772925c74406bf67d8e3de94fa1fe01a386809742809a5b975ce67fca2e470aea68a0332489e6403ce0b609fa94f288e4fdd27b3303539865e6d363ae6e3af87f3c202bb223a4235661bcd56c2205a7e22470b19cff3b953a7b5378d5e9c7d76c486b9072496fb6a4bb35eb27ea4fb94f0870917340872e557db8d4052e10a99ff5e3ff7b9badf0c74b4e197064572ce21551b6f5bf299cf5a2fe5d3c281d2eb5cd5e8399b46c9863c0e3b968e4fcae938b4ed4f3bf513ddbab4ceb8afef13d1ed5cb6ca17f48f1ae35265a2d4616bffda939a46948ecf9fbd911d76c1ac958dafbba4c164d20aa7194417d3fe972e43f47cb1f06796f142ac1b5544195868ced4c8a11c6825bcbce9f6b1a6a8f281a246631ec2370ba21792a0f4bb2a8632bf7f463dc2df2ffae5cd3d6118feadd95a7032461113bbda4f6831c37d36a55e38e0241a5e08608b2a491e2e68bd93d457e31421948d3ff0f270c70d760d10cb0574aa0cb7c4c2cb0dcfd797cf8937b6b7cba4c4e87e9decf36724d3c94f9b6a5d831bd33da162402eb0b3d2f779a0d1c5fcf72e16d8f340b473f2014551fec3c946f987ae1b28bb44657adce2abfbcb1cd7cae4a4292e9eb3ae5a3bbf0cfd5703ff5ff1ca93e5a03c36a20f1c41845cdfb473df25b24c8ed0f2213a4b384d3864d06eeef286c97f4fb407b8791b7120220617d6316d164e9da66a90d20a19bf85f52980e912380b8248300c2952aec5998a5ef0da0ddce249699c44abe61eb4af19a1c7d092b0d8b28209a7228fb77f786378ddb69f414050230ba118da194dd2e88e0dce0b9c2ec6e1ae64d0ea5cd6c8d5fbb7c04bd2cd23f6a8d3f7fefa584b8118eb75ab3c97c9e65f5c0795ed2b036d7e2e24c17a8c30dc27d43aa3f9d66d41dee70d86e291bb0ec7b47d187829aa2aaacf0372eae89e9be6eec9db1938d5880fa250511b28a6c03158d365ac7ce61052134791c48c62f9ad082b8f19729f9380c2194b1488da770d0cba53f882579af87725c316db0817c3f251fd4c1e4c3df47b98e09158f395d3b84090bb1b69c9fbce3ae52088c97fa9db7afafe5c8cf7fe51618826ac7aabe1f12f21c502f84ae278bcde2605c63716e8ac186670b2e6412918ce9cf7d5abcf4f290d521e8f32a3f86c5f624096439f7078cf25352f34084a328899e869a44aef9fbff85d425faa8e75650cdedae236f27e39531bbb9177082fe5f88fb71aa84f7cea709c9ebe9fdb22715d543a7aeb1a868dc8acaa59ab40fd44bc50497e4d30c2e88d54469f97effac96121f9fcd244fb2266a119de4508c7740e0531bcca5f9c5daf611bf9b9a42f80521da97dddb765e430a1e1801d09d81a5cd24c3a916c915345d13e34687940a73817f00f4ac65c55ce5615636e36189813458bbbeabb6c02cf021b435c1b448c2155ccf5a7291a4f547452535199d9639064fe445c9c8776c60b3447ec927a9016ea4ad4e7910e2c88d8f2483cad0c928e524c7846232a3065463536c566db654d6de9f6e61a777645c6fefe21a67f35ceb1f49e0c188be9ff573b370a49a758c7379ec4451ce9b96f8e527bd08390bd709f171aee60452d0eec961a925115fcd841f9536f54359baf2fa64076606dd35a0fd634120d9a3dfd3110133751e03e951c73552f661aec26604cd4ad55fb96f828039851a33f47f92f7705860544aa4121fbda90c24e86a5fae224d52f5f6c282bf3f8d9e54d431f441f6fbe31db42969dbe641edc108b39b3130d1b65f03338f316b7b3c7dec47f7870b03271b8f380a1d1729aa486753ba49a2af5bc6c6fb4d8260e4e7a8ec6bc3a84a476992badeff35e9b4c781ba0e955aec519f5ed8f18f16147e191f4f6bed063eabf6270237d867a106a9810764eb17439a26e477cbe4103cdbf26bb3281af80facc5c8b9fbe9831ae6987138a467c4f39887bd1ddf541e370c5644ebebc67c934e48d51c6c336c62df39a78abadb1d2d733ab2fa2f4adfdc892986187ba2e525a38e2cfd013e05375a48adcbf632c75285d79da7a26fec0be34cf16134978bfe76322caf865d31a4a9adfec8253b4b0fe0da5fb4d39f84ca42a0daccf2344a971f007a0acb05296df03506315ffb9adbab0ab7697a2d01bfba4d1b49def7052aafd163f615532eff90caeea35658946c5c8f9e5b708b26e9bd2370235d6579e43cf154cce7d6e45f3c5a45ecf689dca91be4eb388802c3df007dddb5172279a073e6a9d15a718f0bc1e3df7c34cc443d220d7fa8368f93254cbc6aaef7869f4d044f6ea78c28b46aae6d9660fb6d402d284a5c02bf4bcdc8e3af10dd9957ac43bdc030bf8c84016cb01c380c787bea005e1f12fe0290fbf1c412dcadde1d2f8984e1f007d10eea4d3e31a0ea74ea92c73f0b8189e92188e5f9e3074dc06ae537f6204c291b1b5c305db1e7885919be4806b03d03b877cedf8aadffceb7ef9cf434f13a2c39f234bac085fa95beec9852fe26ddafaac9686a8ecad8e60570fdcd50c90ea1ba416353b51bfcdeb0e2c54f000e8ad278968db41ac3be6e364ec9edccb0da436e8f48cff5e10cda830c87c73632e8164ea71671fd912f77e03880d88d399914a264e904cdc186905048534a57d3e9dd608bdc0b473fcf2673bcd847643d9db7b354a7bcd09523be6840284ea8ca156af40f88985257590224a4b88797bb043a02f534829064691e73f443fde31b99224ea3998086d06ca3fa7fba96f6852149d66932019b46194199f660c9b06858bcebe14ac63fa9e4c8056df93e8d07c47d736c3c6e7e6a1cacb4855d7ebeb43e2c7e39536987a19dd34ed5ad0d91dcccaa3725daad183237b9a9d41c0f2fe6ec6a7718cfbde4469e7538a4123ce12b24dfeeb001c3b33c95cf18ccc283a4ed71b110a74d469fa67c30753be03b822dbd102faa3a3661188be4a9815da9c72c65ade2f25a8b70d0aefe0fcda4a6c7b03cb41b771406a704c28e727b132be345a21342a323a452e80b64885573021cbac9ff318e8a6dd536e2257f082934d703990d42da3e64e041b98123e2256440fd97fd40d96fc5f39743508c014ed36c82f48d3dc6d435ff6d1a8141ec94b7e38decf393deae5a63654ca1703ebcdca4752e58d9698f7ebd05f410c7384364191f0fe5e49f4cf933d609e036459b2288e90a84c840351f1e8e48b50361c91a3eef73cbb180a50486bfae154f39d50b2ca4dace3a32169ec0f5e016d7d95ea0f020edbd7861650def85301260ca6c514762b50d017695faa6bb895639fe04b9a3f1178ccd6dd7abf8872ed64a3484e7ebc0317688fe89c5e361e643d34576919b02589fa017ad1a106a666ceaa820a3cda560e77d84e1a3d17feac7ff6f4864f4f1e65d55a5f7d9bf4fc7bc464da57311a68d4195be42a53094a5197448f5f6e5b146079d8baa3446ec1c3c8eaaa95b972913e5a4564a6d56230e24880cd9db0c059796f227cba2f786fe6bc99437ec8acd6a4c7f70e9f699328cbf5e48862119412ce2ac81266014e1c35d51ef87ec2f2f8904f56d389e508cd82e84eecd33de8d240c79fdc2c58487adbba9475eac35d711c16e4a002bd4f363a99409d0cc914eeeb0376c34b1e5d936790c38a20e0949dcd99ec227a5b6d44e35805a08f9590ce0287a3ee51364c2673edc977dc26de21e96c520d65e4d955b7dacf74116c4b76a689b62aca2f81b1b9017ef55a678886cd0b770d59260aee09e11fde401cff1854f977e4795e0674f0394c1f2ed5265a3f704a3ec977f3c7f3df8278828a1cfb7bdebd0f4a4bdbc794e9bd1f2bc224b5f29faf7161a05f4ea2b0a3251710cd3dd2f5cb95df27118b2819f9c37bc20af19da3a15cb1d8a03ea86c13d9753a753cc9bdb0addbf2d7c580bc8877d5d24b34f6ebcebe507a1cd63e7407654c7e9c62ccadd64322c3694dc642fd2c239b6d21b62d24e33c2339f08eea83eff423922cba49f1da563912094d4e851e57441c0a6c81ac6ebf1b7daeafdb2509dbc2d182fc179ebbc5a7bc0b4847b1c7d91e36390a869af5d03a2ad786b9fa5b2bbb1e0adcf166a245c1efbababb682036eba9e85a59bb2016c97d831f369769045c66545e4321d7dc41791c141687d4e2c6484ff87c62c79ee506abd8902987b96de6af27064db4ee41fae13c9717c0f74e8d24540bb7595d806a4ff4c9411638ebf7bea0040a71227856b61d5d32ad61f176cba5bb43e5c2e715ce0b1f0e8002cae060c6e7f32ee8b6d52bf31d467b1a9fa3595625a1daf0e53d296cc54bd7d620f6bbaecfa661f2cf3bd0af191ead2ebf0fdabd02128d1894f45b9647008adcf3e4d690d8a9df02a48310ad283e02a8910a36f4a1589143f951de0f31d6e72ffb66da25349412700d37b383cec393ccdebb71c242fb2890ce754ee3873484f5b1e08700aa62c74e28b4f6921b3fe51e893c3a21c1a1696f94f82a540b4864e95bca84fbd12cf63e645ce513e2b0c84998fa33fe4a75ac2339865c7429b7177a83844ac79c5ac40deb1b7a89a207f5be878fd00b7913b3a9b7a7b2bbfc1b392d32b533ae1a367188df32134173ce9b8db162b4ba170153973d5650972d2b82ca5109dbc51dafcd33d96c15f7473e3d6529251fd10126cc96ec8ec8fb7595c8f5278b2f281324ec26ccacd20319e467aa0ae6e94b5e411812421dee91424e35bdebece2c08897e1a42a101c65900a8c5cd7e5828a42255bb7b2e33b8cc101b33d2dcdc3f4a54f24841bcee28a87b9acc97b205dc5f3f2f48c8ce366278b3410026931781fa8862debfa1c3b81d0b3581052d396b4259d9eea881943d115fb2418a0b5e674239c079271ae4568d919afa8f5563706a84fec11bc12fcc048ec8c8b2b2be65b8cf63b43df34ce9435e18025b0bc9ed152823b0e38b2a22483fd33a0dc926cc1622b69858972526e241c4214d71b1f9d693a4d3b06625149e8dcd2f7e415b107dbeedd9510597a671ef21e490290f24827e53eb24a7534a610dee79b4bc84c262eb6050e81ddbb6013468d17824bdf3adf6c827c810ca19b54301d5391b986fd55df638069082b3bc3ffb02734b7929e146e6ad8c9f82b2b74101d573d48ac7a8d611e128cded648c33c1c42e07723e996803019c1352ba7c65f9fddb026df2d6c65e5b3c86d828f362852cf1233fe7a22259eb2e045a282926b904c0539747f5e04a0437d98b66c1f18a3b512e7aa87dcb4d000f44fad873fb0399b1fcf8b7baacabfe9496f96bb93dca95b369cfe3956a58709c91e1855d8bad7320637cd394419d053b32f44bd64790bcced06b43e72db9afe8db3c65da688f59ddf6c16f0ba5f78b187eb86340aa1266bf22813fb7d7812172b6ccd942e267c91dd5d689ea2ebf319ddb50ed6be168d7f2b1bd3c539d26fccb63489a77b4c73bfdcc5f9e96150e561bea45e2569ffbddeb65663ae0ea97690d6c", 0x1000}], 0x2, &(0x7f0000000300), 0x0, 0x8030}}], 0x1, 0x10)
write$eventfd(r7, &(0x7f0000000080), 0xfffffe5e)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs2/binder-control\x00', 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))

40.128671768s ago: executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000007c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001840)={0xc, 0x0, &(0x7f0000000800)=[@dead_binder_done], 0x0, 0x0, 0x0})

39.990102429s ago: executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0)

38.853696103s ago: executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
semctl$SETALL(0x0, 0x0, 0x11, 0x0)
msgsnd(0x0, 0x0, 0x0, 0x0)

38.837207276s ago: executing program 1:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r0, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}], 0x70)

38.776278685s ago: executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000002d40)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002980)="f555c15b70122cd0c98a5b39d97524", 0xf}], 0x1}}], 0x1, 0x0)

38.660632163s ago: executing program 1:
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2d, 0x0, 0x0)

38.079096922s ago: executing program 4:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x80)
r0 = socket(0x2, 0x3, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000c40)=ANY=[], 0x184}}, 0x0)
ioctl$sock_netdev_private(r0, 0x8990, &(0x7f0000000000)="831cd2bd37c4fed05886312a3a")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33)
write(r2, &(0x7f00000000c0)="240000001a005f0214fffffffffffff80700000001000000000000000500090002000000", 0x24)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd60e4d70000383a00fe880000000000000000000000000001ff020000090000000000000000000001020090780000000060fd906300003a0000000000000000000000000000000000fec0ffff000000000000ff7fac1414aaef9edaaa64947bfe"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x2}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/arp\x00')
preadv(r3, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/24, 0x18}], 0x1, 0x4f, 0xfffffff8)

37.749266022s ago: executing program 3:
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000280)={@ptr={0x70742a85, 0x0, 0x0}, @ptr={0x70742a85, 0x0, &(0x7f0000000580)=""/206, 0xce, 0x0, 0x11}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

37.675173634s ago: executing program 3:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x440, &(0x7f0000000bc0)=ANY=[@ANYBLOB="005085354abb9e1ea2e95714aaf5f7d1ba00c0d3ee51b16a8e6146ccbf8a77931081bf24c89938ea3ecd66a8c73f5d707d5648604d6270f421c65da5f28dfb9f1a886b67230ad6000018e693a6792559eb244ebb510b2d00000000000000002e0c641c5a8921cbab087c4068fb7a181c8af3f44a13d0cba134c67b5f3436a182e0fae7a23adb45d3adb53a4b4a865558644e500da903dd3cfbad388ed61706d325df272a8289255d2c8730731342028fe35b4c953739f1afbacba0f3e8ae89176e2b5aa7b0eb4e2fdc9069680dcc30af12c8dfa58e53dcc3229cdea9f6f8cbdc1155d37704b108f5e4abddab215665f73e6579034c167010fce5cefc1151581dde848017acdfe6cb87a05b75806a8244276d1a3a034b600df2a9611497ea8ed44a5f833cd9b91aa87b826853410edab7a311dfeb4c146d4a44159d29ce1d35cb2be1779847b9be9e32a7a143eaf6db55d0e2bd3955da208fa874e6d3a679e8eefd62008482dc274a51f96d7888dc83e3e85168b85f51c7d8313b8c1424b797c7b5b6a101fb59d011d94eb4d61ca365dbff"], 0x1, 0x2ed, &(0x7f0000000680)="$eJzs3cFrI1UcB/DftnVXKrvJQQQF8aEXvQxtzx42SAuLAUU3ggrCrJ1oyCQpmRDIItabV/8JDyseBQ+C+A/04t/grZce97AYaWbNNlJPagPu53OY94PffIf3eMPwbnP65jeDfrfKuvkkNm5fi63bERsPr0UzNmIzal/FG9/+ePby+x9+9Har3d5/L6WD1t3dvZTSrVd+/viL71/9ZfLcBz/c+ulGnDQ/OT3b++3khZMXT3+/+3mvSr0qDUeTlKd7o9Ekv1cW6bBX9bOU3i2LvCpSb1gV45V+txwdHc1SPjy8uX00Lqoq5cNZ6hezNBmlyXiW8s/y3jBlWZZubgf/ROe7h/N5nM2uR8zn83XPhqu32P95bd1z4erZ/6eb/X+6XTjUPRsx+HramXbqse63utGLMorYiUY8WhwTlm/L+fXgTnt/Jy0048Hg+HH+eNrZXM3vRiOal+d363xazT8T2xfze9GI5y/P712avx6vv3Yhn0Ujfv00RlHGYZxnn+S/3E3prXfaf8nfWNwHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/1OWlprxYHA87Uw7EefjZt3P/q5f51vd6EUZRexEIx5FzJfq+uBOe3/n8QNW81vx0tZ61w4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6pm9/t5WRZjhUKhWBbr/jIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA1Xvy0+91zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB1qmb3+3lZFuP/sFj3GgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODf8kcAAAD//8BO4LU=")
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
fchdir(0xffffffffffffffff)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)

37.534421575s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000000000000000000000000100000f01d00ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

37.207826726s ago: executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000b80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001400030400000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200ff020000000000000000000000000001140006000900000006ff"], 0x40}}, 0x0)

31.160341263s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f00000007c0)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000004"], 0x68)

31.099535312s ago: executing program 2:
syz_open_procfs$namespace(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, &(0x7f0000000240))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
setrlimit(0xf, &(0x7f0000000280)={0x89c, 0x4})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000840)=0x2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp\x00')
preadv(r4, &(0x7f0000000400)=[{&(0x7f0000000340)=""/98, 0x62}, {&(0x7f0000000500)=""/134, 0x86}], 0x2, 0x3f, 0x0)

30.148102898s ago: executing program 2:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockname(r0, 0x0, &(0x7f0000000080))

30.086706167s ago: executing program 2:
r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
mmap$usbmon(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x47cdc)

30.035289705s ago: executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x24f, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0)

9.964185292s ago: executing program 0:
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x121801)
io_setup(0x3, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

8.627123517s ago: executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x5, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='io.stat\x00', 0x275a, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200))
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r1, &(0x7f00000013c0)={&(0x7f0000000100)={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=[@rthdrdstopts={{0x18}}, @hopopts={{0x30, 0x29, 0x36, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @private2}]}}}], 0x48}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=0x0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)
unshare(0x60000000)
unshare(0x64000600)

8.053218625s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x65000, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1805002, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r1, &(0x7f0000000140)='./file0/file0\x00', 0x0)

7.184206349s ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40c8, &(0x7f0000000200), 0xfb, 0x496, &(0x7f0000000f40)="$eJzs3EtsG0UfAPD/Okn7fX0llPJoKRAoiIpH0qaF9oDEQ0LiAAgJDuVo0rQqdRvUBIlWEQ2oKhckqMQdgbggcebAiRMCTkhcOMAdVapQLxRORmvvGsexHdd14jx+P2nrGWfsmf/uzu7sTtcBbFij6T9JxLaI+C0ihiOi0FhgtPpy4/rc5N/X5yaTKJdf+zNJPxZ/XZ+bzIsm2evWamYwfSlcSuLZJvXOnL9wulgqTZ3L8uOzZ94enzl/4YlTZ4onp05OnZ04evTwoYNHnpp4sidx3pa2dc9703t3v/jGlZcnj11588evk7pG18fRG0MxX7dOGj3c28r6bntdOhlsW7Sw7I2hY5sjKh11qNL/h2Pg0o7a34bjhQ/62jhgWZXL5fJE6z/Pl4F1LIl+twDoj/xEn17/5ssKDT1WhWvPVS+A0rhvZEv1omewdqE61HB920tzEXFs/p/P0iWW5T4EAMBC36Xjn8ebjf8KcWdduR3Z3NBINpeyMyJuj4hdEXFHRKXsXRFx903WP9qQXzz+KVztKrAOpeO/p7O5rXzJ6s2LjAxkue2V+IeSE6dKUweydbI/hjan+YNNvz2JyiRQ/PJxq/pH68Z/6ZLWn48Fs3ZcHdy88DPHi7PFWw48c+39iD2DzeLPJvCyOazdEbGnyzpOPfrV3oXvDNRSS8ffRvt5po6UP494pLr956Mh/lzSfn5y/H9Rmjownu8Vi/308+VXW9V/S/H3QLr9tzTd/2vxjyT187Uzi75i01J1XP79w5bXNKMRz0QX+/+m5PUFlb9bnJ09dzBiU/LS4vfrbnDn+bx8Gv/+fc37/874b03cExHpTnxvRNwXEfdn2+6BiHgwIva1if+H5x96q038fd3+kR2hOtr++Xao7gi1PWKpxMDp779tVXlnx7/DldT+7J1Ojn+dNrDLdQYAAABrSiEitkVSGKulC4Wxser/4d8VWwql6ZnZx05Mv3P2ePUZgZEYKuR3uoazfGT3P0eq+crV90TlNeJidr/0UHbf+NOB/1fyY5PTpeP9Dh42uK0t+n/qj4F+tw5Ydj2YRwPWqHb9/4sjK9gQYMV1f/43coC1bole7AcbYB1zFoeNq1n/v9iHdgArr/X5f8rQANa5Wif/pIPCdY97NT68Caw9TvKwcS3d/19Zrt+/Avqn86f4V0siSRa8E19GtP9U0v82d5H4aHU0o3UiCquiGV0niqujGTeRGOz4Vy3Oly8WS6Vfv7mVSvt9ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiNfwMAAP//oefi4g==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='ext4_allocate_blocks\x00', r0}, 0x10)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)

0s ago: executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000200)=0x4)

kernel console output (not intermixed with test programs):

5fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (6569)
[  246.233143][ T6569] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  246.249201][   T26] audit: type=1800 audit(1717805716.050:179): pid=6599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  246.265285][ T6569] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  246.334808][ T3649] usb 1-1: USB disconnect, device number 13
[  246.366505][ T6569] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  246.401324][ T6569] BTRFS info (device loop4): use zstd compression, level 3
[  246.427040][ T6569] BTRFS info (device loop4): using free space tree
[  246.516238][ T6603] loop2: detected capacity change from 0 to 4096
[  246.579793][ T6569] BTRFS info (device loop4): enabling ssd optimizations
[  246.703222][ T6569] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  246.832028][ T3571] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  248.156837][ T3614] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  248.163983][ T6640] loop0: detected capacity change from 0 to 2048
[  248.236279][ T6640] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  248.254378][ T6640] ext4 filesystem being mounted at /root/syzkaller-testdir2028247218/syzkaller.DVPshy/11/file0 supports timestamps until 2038 (0x7fffffff)
[  248.406409][ T3614] usb 3-1: Using ep0 maxpacket: 8
[  248.446477][ T6627] loop1: detected capacity change from 0 to 32768
[  248.461896][ T6627] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (6627)
[  248.495292][ T6627] BTRFS info (device loop1): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  248.517380][ T6115] EXT4-fs (loop0): unmounting filesystem.
[  248.531055][ T6627] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  248.560802][ T3614] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  248.575831][ T3614] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  248.588118][ T6627] BTRFS info (device loop1): using free space tree
[  248.599279][ T3614] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  248.611806][ T3614] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  248.624069][ T3614] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  248.638101][ T3614] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  248.647629][ T3614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.672681][ T6630] loop3: detected capacity change from 0 to 32768
[  248.793140][ T6627] BTRFS info (device loop1): enabling ssd optimizations
[  248.827117][   T26] audit: type=1800 audit(1717805718.620:180): pid=6627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=260 res=0 errno=0
[  248.880837][   T26] audit: type=1804 audit(1717805718.670:181): pid=6627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1407217344/syzkaller.v24REp/28/file0/file1" dev="loop1" ino=260 res=1 errno=0
[  248.919482][ T3614] usb 3-1: usb_control_msg returned -32
[  248.925159][ T3614] usbtmc 3-1:16.0: can't read capabilities
[  249.003153][ T6072] BTRFS info (device loop1): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  249.716562][ T3614] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  249.824691][ T6669] loop4: detected capacity change from 0 to 32768
[  250.091340][ T6678] loop0: detected capacity change from 0 to 40427
[  250.092476][ T6694] loop4: detected capacity change from 0 to 512
[  250.107148][ T3614] usb 4-1: config 0 has no interfaces?
[  250.112974][ T6678] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  250.123389][ T6678] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  250.149341][ T6678] F2FS-fs (loop0): invalid crc value
[  250.168767][ T6694] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  250.184881][ T6678] F2FS-fs (loop0): Found nat_bits in checkpoint
[  250.201806][ T6694] ext4 filesystem being mounted at /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/216/file0 supports timestamps until 2038 (0x7fffffff)
[  250.216658][ T3614] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  250.229751][ T3614] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  250.238060][ T3614] usb 4-1: SerialNumber: syz
[  250.244854][ T3614] usb 4-1: config 0 descriptor??
[  250.292944][ T6694] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/216/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  250.304501][  T152] usb 3-1: USB disconnect, device number 8
[  250.330528][ T6678] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  250.339154][ T6678] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  250.429597][ T3571] EXT4-fs (loop4): unmounting filesystem.
[  250.564953][ T6638] usb 4-1: USB disconnect, device number 16
[  250.630606][ T1106] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  250.676785][ T1106] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  250.760400][   T26] audit: type=1800 audit(1717805720.560:182): pid=6710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1956 res=0 errno=0
[  250.795418][ T6710] input: syz0 as /devices/virtual/input/input14
[  251.250548][ T6708] loop2: detected capacity change from 0 to 32768
[  251.279512][ T6708] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (6708)
[  251.326563][ T6708] BTRFS info (device loop2): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  251.350597][ T6708] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  251.372272][ T6708] BTRFS info (device loop2): using free space tree
[  251.530633][ T6708] BTRFS info (device loop2): enabling ssd optimizations
[  251.587553][   T26] audit: type=1800 audit(1717805721.390:183): pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=260 res=0 errno=0
[  251.699512][   T26] audit: type=1804 audit(1717805721.420:184): pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/4/file0/file1" dev="loop2" ino=260 res=1 errno=0
[  251.768128][ T6423] BTRFS info (device loop2): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  252.013760][ T6717] loop1: detected capacity change from 0 to 40427
[  252.036218][ T6717] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  252.044198][ T6717] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  252.061542][ T6717] F2FS-fs (loop1): Found nat_bits in checkpoint
[  252.128876][ T6717] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  252.136074][ T6717] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  252.634767][ T6768] vivid-000: disconnect
[  252.655265][ T6767] vivid-000: reconnect
[  253.087807][ T6638] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  253.227800][ T6751] loop0: detected capacity change from 0 to 40427
[  253.262067][ T6751] F2FS-fs (loop0): invalid crc value
[  253.305923][ T6760] loop3: detected capacity change from 0 to 40427
[  253.314256][ T6760] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  253.323248][ T6760] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  253.334445][ T6751] F2FS-fs (loop0): Found nat_bits in checkpoint
[  253.336462][ T6638] usb 3-1: Using ep0 maxpacket: 32
[  253.360281][ T6760] F2FS-fs (loop3): invalid crc value
[  253.390500][ T6760] F2FS-fs (loop3): Found nat_bits in checkpoint
[  253.421921][ T6751] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  253.453872][ T6751] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  253.493398][ T6760] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  253.512440][ T6760] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  253.526416][ T6751] syz-executor.0: attempt to access beyond end of device
[  253.526416][ T6751] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  253.615965][   T34] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  253.630893][ T6638] usb 3-1: New USB device found, idVendor=2c7c, idProduct=0121, bcdDevice=76.da
[  253.646746][ T6638] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.654797][ T6638] usb 3-1: Product: syz
[  253.661041][   T34] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  253.686499][ T6638] usb 3-1: Manufacturer: syz
[  253.691212][ T6638] usb 3-1: SerialNumber: syz
[  253.717207][ T6638] usb 3-1: config 0 descriptor??
[  253.866413][  T152] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  253.911915][ T6774] loop1: detected capacity change from 0 to 32768
[  253.937382][ T6774] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (6774)
[  253.973381][ T3614] usb 3-1: USB disconnect, device number 9
[  253.983119][ T6774] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  253.984811][ T6788] loop0: detected capacity change from 0 to 1024
[  254.015518][ T6774] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  254.041507][ T6774] BTRFS info (device loop1): doing ref verification
[  254.062735][ T6774] BTRFS info (device loop1): enabling ssd optimizations
[  254.070295][ T6788] hfsplus: b-tree write err: -5, ino 3
[  254.086229][ T6774] BTRFS info (device loop1): turning on sync discard
[  254.111350][ T6774] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  254.121338][ T3761] hfsplus: b-tree write err: -5, ino 3
[  254.126958][  T152] usb 5-1: Using ep0 maxpacket: 8
[  254.138975][ T6774] BTRFS info (device loop1): use zstd compression, level 3
[  254.150584][ T6774] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  254.174583][ T6774] BTRFS info (device loop1): trying to use backup root at mount time
[  254.186756][ T6774] BTRFS info (device loop1): using free space tree
[  254.246904][  T152] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  254.264345][  T152] usb 5-1: config 179 has no interface number 0
[  254.279949][  T152] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  254.304569][  T152] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  254.320224][ T6807] 9pnet_fd: Insufficient options for proto=fd
[  254.343895][  T152] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  254.377774][  T152] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  254.395981][ T6800] loop3: detected capacity change from 0 to 4096
[  254.417781][  T152] usb 5-1: config 179 interface 65 has no altsetting 0
[  254.424820][  T152] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  254.443978][  T152] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.476841][ T6786] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  254.722704][  T152] usb 5-1: USB disconnect, device number 10
[  254.822483][ T6821] loop2: detected capacity change from 0 to 8
[  254.877023][ T6072] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  254.980865][ T3581] Bluetooth: hci5: sending frame failed (-49)
[  255.007009][ T3582] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  255.345866][ T6829] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  255.520390][ T6838] loop0: detected capacity change from 0 to 1024
[  255.582571][ T6838] overlayfs: filesystem on './file0' not supported
[  255.599547][ T1253] ieee802154 phy0 wpan0: encryption failed: -22
[  255.605918][ T1253] ieee802154 phy1 wpan1: encryption failed: -22
[  255.703379][  T102] hfsplus: b-tree write err: -5, ino 4
[  256.519447][ T6831] loop4: detected capacity change from 0 to 40427
[  256.555051][ T6831] F2FS-fs (loop4): invalid crc value
[  256.614954][ T6831] F2FS-fs (loop4): Found nat_bits in checkpoint
[  256.735297][ T6858] bond0: (slave bond_slave_1): Releasing backup interface
[  256.795299][ T6831] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  256.832784][ T6849] loop3: detected capacity change from 0 to 32768
[  256.839431][ T6861] xt_CT: You must specify a L4 protocol and not use inversions on it
[  256.862785][ T6831] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  256.903524][ T6849] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (6849)
[  256.946956][ T6831] syz-executor.4: attempt to access beyond end of device
[  256.946956][ T6831] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  256.975730][ T6849] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  257.007777][ T6849] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  257.061167][ T6849] BTRFS info (device loop3): doing ref verification
[  257.074889][ T6849] BTRFS info (device loop3): enabling ssd optimizations
[  257.106410][ T6849] BTRFS info (device loop3): turning on sync discard
[  257.121429][ T6849] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  257.159709][ T6849] BTRFS info (device loop3): use zstd compression, level 3
[  257.182345][ T6849] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  257.213276][ T6849] BTRFS info (device loop3): trying to use backup root at mount time
[  257.241067][   T26] audit: type=1800 audit(1717805727.040:185): pid=6845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1964 res=0 errno=0
[  257.267607][ T6849] BTRFS info (device loop3): using free space tree
[  257.296434][   T26] audit: type=1804 audit(1717805727.070:186): pid=6845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2028247218/syzkaller.DVPshy/27/file1" dev="sda1" ino=1964 res=1 errno=0
[  257.367665][ T3613] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  257.626391][ T3613] usb 2-1: Using ep0 maxpacket: 8
[  257.765819][ T3613] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  257.794539][ T6064] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  257.795054][ T3613] usb 2-1: config 179 has no interface number 0
[  257.818262][ T3613] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  257.834931][ T3613] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  257.854066][ T3613] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  257.864628][ T3613] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  257.884465][ T3613] usb 2-1: config 179 interface 65 has no altsetting 0
[  257.891996][ T3613] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  257.907596][ T3613] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.946929][ T6864] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  258.202476][ T3613] usb 2-1: USB disconnect, device number 12
[  258.350925][ T6895] vivid-000: disconnect
[  258.360382][ T6894] vivid-000: reconnect
[  258.776622][ T3613] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  258.924231][ T6910] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[  259.126571][ T6913] bond0: (slave bond_slave_1): Releasing backup interface
[  259.286570][ T3613] usb 3-1: config 1 interface 0 altsetting 8 endpoint 0x1 has invalid wMaxPacketSize 0
[  259.304572][ T3613] usb 3-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 0
[  259.329368][ T6920] process 'syz-executor.1' launched './file0' with NULL argv: empty string added
[  259.341043][ T3613] usb 3-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  259.377844][ T3613] usb 3-1: config 1 interface 0 has no altsetting 0
[  259.556650][ T3613] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  259.565857][ T3613] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.594753][ T3613] usb 3-1: Product: syz
[  259.599140][ T3613] usb 3-1: Manufacturer: syz
[  259.603775][ T3613] usb 3-1: SerialNumber: syz
[  259.714040][ T6927] EXT4-fs warning (device sda1): __ext4_ioctl:1246: Setting inode version is not supported with metadata_csum enabled.
[  259.933130][ T4435] usb 3-1: USB disconnect, device number 10
[  259.997746][ T6931] loop4: detected capacity change from 0 to 2048
[  260.047394][ T6931]  loop4: p3 < > p4 < >
[  260.051761][ T6931] loop4: partition table partially beyond EOD, truncated
[  260.065777][ T6931] loop4: p3 start 4284289 is beyond EOD, truncated
[  260.220079][ T6929] loop4: detected capacity change from 0 to 512
[  260.244173][ T6929] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  260.666740][ T4435] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  260.690825][ T6947] bond0: (slave bond_slave_1): Releasing backup interface
[  260.958650][ T4435] usb 4-1: Using ep0 maxpacket: 8
[  261.031144][ T6959] loop2: detected capacity change from 0 to 128
[  261.064626][ T6959] VFS: Found a Xenix FS (block size = 512) on device loop2
[  261.093665][ T6959] sysv_free_block: trying to free block not in datazone
[  261.106926][ T4435] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  261.116087][ T4435] usb 4-1: config 179 has no interface number 0
[  261.136975][ T4435] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  261.163195][ T4435] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  261.186371][ T4435] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  261.208000][ T4435] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  261.222546][ T6423] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  261.244744][ T4435] usb 4-1: config 179 interface 65 has no altsetting 0
[  261.252850][ T4435] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  261.262412][ T4435] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.298226][ T6939] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  261.548705][ T6638] usb 4-1: USB disconnect, device number 17
[  261.915545][ T6991] loop1: detected capacity change from 0 to 4096
[  262.159254][ T6998] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  262.436038][ T7009] loop4: detected capacity change from 0 to 1024
[  262.505023][ T7009] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  262.626038][ T7021] loop1: detected capacity change from 0 to 1024
[  262.677700][ T7009] EXT4-fs (loop4): Online defrag not supported with bigalloc
[  262.701060][ T7021] hfsplus: bad catalog entry type
[  262.810948][  T102] hfsplus: b-tree write err: -5, ino 4
[  262.813210][ T3571] EXT4-fs (loop4): unmounting filesystem.
[  262.888774][ T7027] xt_CT: You must specify a L4 protocol and not use inversions on it
[  264.123915][ T7046] loop2: detected capacity change from 0 to 4096
[  264.194413][ T7051] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  264.462578][ T7055] loop3: detected capacity change from 0 to 1024
[  264.530121][ T7055] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  264.593031][ T7035] loop4: detected capacity change from 0 to 40427
[  264.598816][ T7055] EXT4-fs (loop3): Online defrag not supported with bigalloc
[  264.604041][ T7035] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  264.623999][ T7035] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  264.637159][ T7035] F2FS-fs (loop4): invalid crc value
[  264.715135][ T6064] EXT4-fs (loop3): unmounting filesystem.
[  264.722557][ T7035] F2FS-fs (loop4): Found nat_bits in checkpoint
[  264.898080][ T7035] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  264.923861][ T7035] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  265.095837][ T3571] syz-executor.4: attempt to access beyond end of device
[  265.095837][ T3571] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  265.356581][ T6638] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  265.597230][ T6638] usb 3-1: Using ep0 maxpacket: 8
[  265.626102][ T7090] xt_CT: You must specify a L4 protocol and not use inversions on it
[  265.716850][ T6638] usb 3-1: config 135 has an invalid interface number: 230 but max is 0
[  265.731168][ T6638] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  265.757550][ T7082] loop1: detected capacity change from 0 to 32768
[  265.772121][ T6638] usb 3-1: config 135 has no interface number 0
[  265.784206][ T6638] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  265.797909][ T7082] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7082)
[  265.816207][ T7092] loop4: detected capacity change from 0 to 4096
[  265.844093][ T7093] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  265.844383][ T7082] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  265.911931][ T7082] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  265.927255][ T7082] BTRFS info (device loop1): use zlib compression, level 3
[  265.934538][ T7082] BTRFS info (device loop1): using free space tree
[  265.976700][ T6638] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  265.985810][ T6638] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.012473][ T6638] usb 3-1: Product: syz
[  266.028322][ T6638] usb 3-1: Manufacturer: syz
[  266.032989][ T6638] usb 3-1: SerialNumber: syz
[  266.090979][ T6638] usb 3-1: Found UVC 0.00 device syz (18ec:3288)
[  266.099049][ T6638] usb 3-1: No valid video chain found.
[  266.136486][ T7082] BTRFS info (device loop1): enabling ssd optimizations
[  266.191455][ T7089] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  266.299785][ T6638] usb 3-1: USB disconnect, device number 11
[  266.338289][ T7116] loop3: detected capacity change from 0 to 1024
[  266.340753][ T6072] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  266.372417][ T7116] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  266.424569][ T7116] EXT4-fs (loop3): Online defrag not supported with bigalloc
[  266.669341][ T6064] EXT4-fs (loop3): unmounting filesystem.
[  266.733604][ T7122] netlink: 66 bytes leftover after parsing attributes in process `syz-executor.3'.
[  266.951000][ T7132] loop4: detected capacity change from 0 to 1024
[  267.564755][ T7156] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  267.589271][ T7158] loop1: detected capacity change from 0 to 512
[  267.589508][ T7156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  267.629918][ T7158] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  267.632284][ T7156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  267.683084][ T7158] EXT4-fs (loop1): 1 truncate cleaned up
[  267.696122][ T7158] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  267.935417][ T6072] EXT4-fs (loop1): unmounting filesystem.
[  267.948327][ T7137] loop3: detected capacity change from 0 to 32768
[  268.031221][ T7137] XFS (loop3): Mounting V5 Filesystem
[  268.187934][ T7137] XFS (loop3): Ending clean mount
[  268.205024][ T7137] XFS (loop3): Quotacheck needed: Please wait.
[  268.304826][ T7186] loop1: detected capacity change from 0 to 4096
[  268.369378][ T7137] XFS (loop3): Quotacheck: Done.
[  268.386038][ T7186] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  268.397633][ T7186] UDF-fs: Scanning with blocksize 512 failed
[  268.422947][ T7186] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  268.471674][ T6064] XFS (loop3): Unmounting Filesystem
[  268.478568][ T7186] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  269.088490][ T7200] loop1: detected capacity change from 0 to 4096
[  269.138156][ T7200] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  269.160652][ T7202] loop3: detected capacity change from 0 to 4096
[  269.210117][ T7200] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  269.225667][ T7203] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  269.258446][ T7166] loop4: detected capacity change from 0 to 32768
[  269.404540][ T7207] loop2: detected capacity change from 0 to 512
[  269.446523][ T7207] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  269.449649][ T6072] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  269.454976][ T7207] EXT4-fs (loop2): 1 truncate cleaned up
[  269.467737][ T7207] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  269.525287][ T7212] loop1: detected capacity change from 0 to 1024
[  269.691374][ T6423] EXT4-fs (loop2): unmounting filesystem.
[  270.230782][ T7227] loop3: detected capacity change from 0 to 2048
[  270.284351][ T7227] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  270.383244][ T3761] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  270.402226][ T3761] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  270.419082][ T3761] EXT4-fs (loop3): This should not happen!! Data will be lost
[  270.419082][ T3761] 
[  270.431039][ T3761] EXT4-fs (loop3): Total free blocks count 0
[  270.437439][ T3761] EXT4-fs (loop3): Free/Dirty block details
[  270.443679][ T3761] EXT4-fs (loop3): free_blocks=2415919104
[  270.449760][ T3761] EXT4-fs (loop3): dirty_blocks=16
[  270.455132][ T3761] EXT4-fs (loop3): Block reservation details
[  270.461424][ T3761] EXT4-fs (loop3): i_reserved_data_blocks=1
[  270.474061][ T6064] EXT4-fs (loop3): unmounting filesystem.
[  271.020349][ T7217] loop2: detected capacity change from 0 to 32768
[  271.086832][ T7217] *** Log Format Error ! ***
[  271.092592][ T7217] lmLogInit: exit(-22)
[  271.125203][ T7217] lmLogOpen: exit(-22)
[  271.136599][ T7217] jfs_mount_rw failed, return code = -22
[  271.261682][ T4435] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  271.516388][ T4435] usb 5-1: Using ep0 maxpacket: 16
[  271.621894][   T26] audit: type=1326 audit(1717805741.420:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  271.681000][   T26] audit: type=1326 audit(1717805741.420:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  271.754377][   T26] audit: type=1326 audit(1717805741.440:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  271.822389][   T26] audit: type=1326 audit(1717805741.440:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  271.848696][ T4435] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=99.81
[  271.861511][ T7266] loop2: detected capacity change from 0 to 1024
[  271.877213][ T4435] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.908449][ T4435] usb 5-1: Product: syz
[  271.919569][ T4435] usb 5-1: Manufacturer: syz
[  271.938738][ T4435] usb 5-1: SerialNumber: syz
[  271.948226][   T26] audit: type=1326 audit(1717805741.440:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  271.979833][ T4435] usb 5-1: config 0 descriptor??
[  272.043491][ T4435] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  272.061833][ T4435] ftdi_sio ttyUSB0: unknown device type: 0x9981
[  272.248042][ T4742] usb 5-1: USB disconnect, device number 11
[  272.276380][ T4742] ftdi_sio 5-1:0.0: device disconnected
[  272.343915][ T7254] loop3: detected capacity change from 0 to 40427
[  272.370961][ T7254] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  272.401202][ T7254] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  272.441901][ T7254] F2FS-fs (loop3): invalid crc value
[  272.491624][ T7254] F2FS-fs (loop3): Found nat_bits in checkpoint
[  272.518140][ T7262] loop1: detected capacity change from 0 to 32768
[  272.537990][ T7262] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7262)
[  272.579317][ T7262] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.594107][ T7262] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  272.620032][ T7262] BTRFS info (device loop1): force zlib compression, level 3
[  272.630191][ T7254] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  272.640047][ T7254] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  272.655602][ T7262] BTRFS info (device loop1): enabling auto defrag
[  272.676740][ T7262] BTRFS warning (device loop1): the 'inode_cache' option is deprecated and has no effect since 5.11
[  272.702115][ T7262] BTRFS info (device loop1): max_inline at 0
[  272.708428][ T7262] BTRFS info (device loop1): turning on flush-on-commit
[  272.715686][ T7262] BTRFS error (device loop1): unrecognized mount option 'seclabel'
[  272.750079][ T7262] BTRFS error (device loop1): open_ctree failed
[  272.804779][ T6064] syz-executor.3: attempt to access beyond end of device
[  272.804779][ T6064] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  273.145455][ T7291] loop4: detected capacity change from 0 to 1024
[  273.168432][ T7291] hfsplus: unable to parse mount options
[  274.380833][ T7306] Dead loop on virtual device ip6_vti0, fix it urgently!
[  274.995689][ T7291] loop4: detected capacity change from 0 to 32768
[  275.049259][ T7291] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (7291)
[  275.071205][ T7291] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  275.105355][ T7291] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  275.123072][ T7291] BTRFS info (device loop4): using free space tree
[  275.284554][ T7325] loop1: detected capacity change from 0 to 2048
[  275.291288][ T7291] BTRFS info (device loop4): enabling ssd optimizations
[  275.311848][ T7325] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  275.370421][ T7345] device bond0 entered promiscuous mode
[  275.376470][ T7345] device bond_slave_0 entered promiscuous mode
[  275.387996][ T7346] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  275.391707][ T7325] syz-executor.1: attempt to access beyond end of device
[  275.391707][ T7325] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  275.506997][ T7311] loop2: detected capacity change from 0 to 32768
[  275.583193][ T7311] XFS (loop2): Mounting V5 Filesystem
[  275.688017][ T7311] XFS (loop2): Ending clean mount
[  275.695540][ T7311] XFS (loop2): Quotacheck needed: Please wait.
[  275.729045][ T7291] BTRFS info (device loop4): balance: start -sprofiles=0xc00000000000000,usage=120574..0,devid=0,vrange=7526466502315570031..7310589519818090028,limit=3472328296227680318,limit=808464446..808464432
[  275.789394][ T7291] BTRFS info (device loop4): balance: ended with status: 0
[  275.821979][ T7311] XFS (loop2): Quotacheck: Done.
[  275.888455][ T3571] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  275.974539][ T6423] XFS (loop2): Unmounting Filesystem
[  276.092651][ T7364] xt_hashlimit: overflow, try lower: 3/0
[  276.641059][   T26] audit: type=1326 audit(1717805746.440:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7370 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01ea47cf69 code=0x0
[  277.126731][ T4946] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  277.406491][ T4946] usb 3-1: Using ep0 maxpacket: 8
[  277.536861][ T4946] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  277.545191][ T4946] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  277.586406][ T4946] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  277.608708][ T4946] usb 3-1: config 250 has no interface number 0
[  277.615057][ T4946] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  277.660914][ T4946] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  277.686367][ T4946] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26
[  277.719674][ T4946] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  277.757498][ T4946] usb 3-1: config 250 interface 228 has no altsetting 0
[  277.761029][ T7378] loop3: detected capacity change from 0 to 32768
[  277.794286][ T7378] *** Log Format Error ! ***
[  277.816806][ T7378] lmLogInit: exit(-22)
[  277.829968][ T7378] lmLogOpen: exit(-22)
[  277.834114][ T7378] jfs_mount_rw failed, return code = -22
[  277.896587][ T4946] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  277.912287][ T4946] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  277.946622][ T4946] usb 3-1: Product: syz
[  277.955422][ T4946] usb 3-1: SerialNumber: syz
[  278.047437][ T4946] hub 3-1:250.228: bad descriptor, ignoring hub
[  278.053763][ T4946] hub: probe of 3-1:250.228 failed with error -5
[  278.274319][ T4946] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 12 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  278.745135][ T4435] usb 3-1: USB disconnect, device number 12
[  278.772161][ T4435] usblp0: removed
[  279.847321][ T7393] loop4: detected capacity change from 0 to 32768
[  280.064704][ T7408] xt_hashlimit: overflow, try lower: 3/0
[  280.336540][ T4946] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  280.977776][ T7423] loop3: detected capacity change from 0 to 2048
[  280.988972][ T4946] usb 2-1: New USB device found, idVendor=1ae7, idProduct=9004, bcdDevice=c6.97
[  281.006799][ T4946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.023178][ T4946] usb 2-1: Product: syz
[  281.028395][ T7423] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  281.031178][ T4946] usb 2-1: Manufacturer: syz
[  281.058950][ T4946] usb 2-1: SerialNumber: syz
[  281.073418][ T4946] usb 2-1: config 0 descriptor??
[  281.347140][ T3565] usb 2-1: USB disconnect, device number 13
[  281.360878][   T26] audit: type=1804 audit(1717805751.160:193): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/47/bus" dev="sda1" ino=1951 res=1 errno=0
[  281.413201][   T26] audit: type=1804 audit(1717805751.190:194): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/47/bus" dev="sda1" ino=1951 res=1 errno=0
[  281.461298][   T26] audit: type=1804 audit(1717805751.190:195): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/47/bus" dev="sda1" ino=1951 res=1 errno=0
[  281.686858][ T4946] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  281.725798][ T7435] loop2: detected capacity change from 0 to 2048
[  281.773025][ T7435] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  281.907804][ T4640] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  281.946687][ T4946] usb 4-1: Using ep0 maxpacket: 32
[  281.956534][ T4640] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  281.986622][ T4640] EXT4-fs (loop2): This should not happen!! Data will be lost
[  281.986622][ T4640] 
[  282.006412][ T4640] EXT4-fs (loop2): Total free blocks count 0
[  282.012495][ T4640] EXT4-fs (loop2): Free/Dirty block details
[  282.021755][ T4640] EXT4-fs (loop2): free_blocks=2415919104
[  282.039050][ T4640] EXT4-fs (loop2): dirty_blocks=16
[  282.044276][ T4640] EXT4-fs (loop2): Block reservation details
[  282.050393][ T4640] EXT4-fs (loop2): i_reserved_data_blocks=1
[  282.068885][ T6423] EXT4-fs (loop2): unmounting filesystem.
[  282.106742][ T4946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  282.130276][ T4946] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  282.178510][ T7444] loop1: detected capacity change from 0 to 256
[  282.212752][ T7444] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  282.252437][ T7444] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  282.281936][   T26] audit: type=1326 audit(1717805752.080:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7443 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca92a7cf69 code=0x0
[  282.362173][ T4946] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  282.375908][ T4946] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  282.401233][ T4946] usb 4-1: Product: syz
[  282.412391][ T4946] usb 4-1: Manufacturer: syz
[  282.423298][ T4946] usb 4-1: SerialNumber: syz
[  282.438740][ T4946] usb 4-1: config 0 descriptor??
[  282.446494][ T3565] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  282.743512][ T7452] xt_hashlimit: overflow, try lower: 3/0
[  282.766987][ T4946] usb 4-1: USB disconnect, device number 18
[  282.855080][ T7448] loop2: detected capacity change from 0 to 32768
[  282.884804][ T7448] XFS (loop2): Mounting V5 Filesystem
[  282.896403][ T3565] usb 5-1: Using ep0 maxpacket: 8
[  282.932565][ T3582] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260
[  282.969199][ T7448] XFS (loop2): Ending clean mount
[  282.988047][ T6072] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  282.998232][ T6072] exFAT-fs (loop1): Filesystem has been set read-only
[  283.007122][ T7448] XFS (loop2): Quotacheck needed: Please wait.
[  283.014403][ T6072] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  283.024508][ T3565] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  283.035780][ T3565] usb 5-1: config 179 has no interface number 0
[  283.043118][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  283.054840][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  283.074481][ T7448] XFS (loop2): Quotacheck: Done.
[  283.090941][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  283.115006][ T3565] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  283.137857][ T3565] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  283.151532][ T3565] usb 5-1: config 179 interface 65 has no altsetting 0
[  283.158780][ T3565] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  283.168182][ T3565] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.181277][ T6423] XFS (loop2): Unmounting Filesystem
[  283.215112][ T7446] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  283.322939][ T3565] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input15
[  283.458022][    T7] usb 5-1: USB disconnect, device number 12
[  283.466400][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  283.479097][    T7] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  283.545085][   T34] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.553679][   T26] audit: type=1326 audit(1717805753.340:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  283.616209][   T26] audit: type=1326 audit(1717805753.380:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  283.680938][   T26] audit: type=1326 audit(1717805753.380:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  283.689457][   T34] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.783141][   T26] audit: type=1326 audit(1717805753.380:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  283.864744][   T26] audit: type=1326 audit(1717805753.380:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  283.898616][ T7484] trusted_key: encrypted_key: key user:syz not found
[  283.912828][   T34] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.951913][   T26] audit: type=1326 audit(1717805753.390:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  284.003099][   T26] audit: type=1326 audit(1717805753.390:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  284.046257][   T26] audit: type=1326 audit(1717805753.390:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  284.082404][   T26] audit: type=1326 audit(1717805753.390:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14cbc7cf69 code=0x7ffc0000
[  284.085686][   T34] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.546398][  T154] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  284.589217][ T3581] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  284.602740][ T3581] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  284.612976][ T3581] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  284.621898][ T3581] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  284.632860][ T3581] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  284.640959][ T3581] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  284.806515][  T154] usb 5-1: Using ep0 maxpacket: 32
[  284.861197][ T7477] loop3: detected capacity change from 0 to 32768
[  284.914895][ T7477] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (7477)
[  284.946656][  T154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  284.981072][  T154] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  285.019782][ T7477] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  285.034760][ T7477] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  285.056963][ T7477] BTRFS info (device loop3): using free space tree
[  285.176617][  T154] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  285.185728][  T154] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  285.194014][  T154] usb 5-1: Product: syz
[  285.198729][  T154] usb 5-1: Manufacturer: syz
[  285.203408][  T154] usb 5-1: SerialNumber: syz
[  285.210287][  T154] usb 5-1: config 0 descriptor??
[  285.230525][ T7477] BTRFS info (device loop3): enabling ssd optimizations
[  285.311554][ T7500] chnl_net:caif_netlink_parms(): no params data found
[  285.474884][ T3565] usb 5-1: USB disconnect, device number 13
[  285.590477][   T34] device hsr_slave_0 left promiscuous mode
[  285.599052][   T34] device hsr_slave_1 left promiscuous mode
[  285.605895][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.614585][   T34] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.632074][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.643600][   T34] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.698974][ T6064] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  285.709963][   T34] device bridge_slave_1 left promiscuous mode
[  285.716199][   T34] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.746530][   T34] device bridge_slave_0 left promiscuous mode
[  285.753012][   T34] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.014021][   T34] device veth1_macvtap left promiscuous mode
[  286.067034][   T34] device veth0_macvtap left promiscuous mode
[  286.080331][   T34] device veth1_vlan left promiscuous mode
[  286.097716][   T34] device veth0_vlan left promiscuous mode
[  286.306595][ T4679] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  288.886565][   T34] team0 (unregistering): Port device team_slave_1 removed
[  288.955648][   T34] team0 (unregistering): Port device team_slave_0 removed
[  289.026740][   T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.081703][ T3581] Bluetooth: hci3: command tx timeout
[  289.156554][ T4679] usb 5-1: device descriptor read/all, error -71
[  289.233640][ T7550] loop2: detected capacity change from 0 to 1024
[  289.233821][ T3582] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  289.257208][ T3582] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  289.269686][ T3582] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  289.280539][ T3582] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  289.303485][ T3582] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  289.313845][ T3582] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  289.344029][   T34] bond0 (unregistering): Released all slaves
[  289.414686][ T7500] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.424874][ T7500] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.441946][ T7500] device bridge_slave_0 entered promiscuous mode
[  289.469500][ T7500] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.484562][ T7500] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.495634][ T7500] device bridge_slave_1 entered promiscuous mode
[  289.587958][ T7500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.620277][ T7500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.751290][ T7500] team0: Port device team_slave_0 added
[  289.793073][ T7500] team0: Port device team_slave_1 added
[  289.861160][ T7500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.875330][ T7500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.907458][ T7500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.935773][ T7500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.945383][ T7500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.976627][ T7500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  290.056552][ T4679] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  290.081173][ T7500] device hsr_slave_0 entered promiscuous mode
[  290.105805][ T7500] device hsr_slave_1 entered promiscuous mode
[  290.131197][ T7500] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  290.150305][ T7500] Cannot create hsr debugfs directory
[  290.462519][ T7551] chnl_net:caif_netlink_parms(): no params data found
[  290.700594][ T6638] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  290.763684][ T4679] usb 5-1: Using ep0 maxpacket: 16
[  291.113158][ T7551] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.127018][ T7551] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.155343][ T7551] device bridge_slave_0 entered promiscuous mode
[  291.166895][ T6638] usb 3-1: Using ep0 maxpacket: 8
[  291.196881][ T7551] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.207026][ T4679] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=99.81
[  291.223588][ T4679] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.241953][ T7551] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.259401][ T4679] usb 5-1: Product: syz
[  291.275527][ T4679] usb 5-1: Manufacturer: syz
[  291.280764][ T7551] device bridge_slave_1 entered promiscuous mode
[  291.296646][ T6638] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  291.306262][ T6638] usb 3-1: config 179 has no interface number 0
[  291.307386][ T4679] usb 5-1: SerialNumber: syz
[  291.323195][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  291.325878][ T3582] Bluetooth: hci3: command tx timeout
[  291.356442][ T3582] Bluetooth: hci2: command tx timeout
[  291.390032][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  291.403798][ T4679] usb 5-1: config 0 descriptor??
[  291.409129][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  291.421001][ T6638] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  291.433278][ T6638] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  291.449758][ T4679] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  291.452017][ T7551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.457627][ T6638] usb 3-1: config 179 interface 65 has no altsetting 0
[  291.457669][ T6638] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  291.457695][ T6638] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.459274][ T4679] ftdi_sio ttyUSB0: unknown device type: 0x9981
[  291.521576][ T7569] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  291.545572][ T7551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  291.562133][ T6638] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input16
[  291.809332][  T154] usb 5-1: USB disconnect, device number 15
[  291.821099][  T154] ftdi_sio 5-1:0.0: device disconnected
[  291.822301][ T7551] team0: Port device team_slave_0 added
[  291.860886][ T4742] usb 3-1: USB disconnect, device number 13
[  291.876491][ T4742] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  293.504953][ T3582] Bluetooth: hci3: command tx timeout
[  293.510604][ T3582] Bluetooth: hci2: command tx timeout
[  294.524536][ T7551] team0: Port device team_slave_1 added
[  295.480191][ T7586] loop4: detected capacity change from 0 to 8
[  295.523341][ T7586] SQUASHFS error: Failed to read block 0x1ea: -5
[  295.531238][ T7586] unable to read xattr id index table
[  295.596562][ T3582] Bluetooth: hci3: command tx timeout
[  295.602178][ T3581] Bluetooth: hci2: command tx timeout
[  295.604406][ T7551] batman_adv: batadv0: Adding interface: batadv_slave_0
[  295.626635][ T7551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.655440][ T7551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  295.713969][ T7551] batman_adv: batadv0: Adding interface: batadv_slave_1
[  295.726841][ T7551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.765774][   T26] audit: type=1326 audit(1717805765.560:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01ea47cf69 code=0x0
[  295.806414][ T7551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.475530][ T7602] loop0: detected capacity change from 0 to 7
[  296.596707][ T7500] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  296.725371][ T7551] device hsr_slave_0 entered promiscuous mode
[  296.745040][ T7551] device hsr_slave_1 entered promiscuous mode
[  296.770432][ T7551] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.796108][ T7551] Cannot create hsr debugfs directory
[  296.819828][ T7500] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  296.911189][ T7500] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  296.973667][ T7500] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  296.991048][ T7602] Dev loop0: unable to read RDB block 7
[  297.009874][ T7602]  loop0: unable to read partition table
[  297.039247][ T7602] loop0: partition table beyond EOD, truncated
[  297.066484][ T7602] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  297.066484][ T7602] 
) failed (rc=-5)
[  297.491846][ T7551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.541116][ T7500] 8021q: adding VLAN 0 to HW filter on device bond0
[  297.624808][ T7551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.671785][ T7500] 8021q: adding VLAN 0 to HW filter on device team0
[  297.678552][ T3582] Bluetooth: hci2: command tx timeout
[  297.693212][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  297.703769][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  297.746166][ T7551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.790842][ T7615] loop4: detected capacity change from 0 to 2048
[  297.831103][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  297.834122][ T7615] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  297.844020][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  297.875039][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.882330][ T4435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.896110][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  297.905954][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  297.914760][ T4435] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.921992][ T4435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.936672][   T26] audit: type=1800 audit(1717805767.730:207): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1367 res=0 errno=0
[  297.965832][ T7551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.997745][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  298.005993][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  298.049992][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  298.147193][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  298.169576][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  298.219775][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  298.229691][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  298.243342][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  298.255131][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  298.267030][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  298.286449][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  298.295197][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  298.314344][ T7500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  298.644545][ T7551] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  298.715660][ T7551] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  298.754290][ T7551] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  298.914171][ T7551] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  299.112953][ T7625] loop4: detected capacity change from 0 to 1024
[  299.873163][ T7551] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.891621][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  299.916833][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  299.931518][ T7500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.967418][ T7551] 8021q: adding VLAN 0 to HW filter on device team0
[  299.977798][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  299.992871][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  300.007240][ T7635] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  300.052247][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  300.077514][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  300.086070][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.093232][ T4435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.117314][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  300.205999][ T7637] team0: Port device bridge2 added
[  300.217737][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  300.237138][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  300.267098][ T3649] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.274258][ T3649] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.296775][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  300.305860][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  300.376395][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  300.399225][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  300.434761][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  300.458617][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  300.487255][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  300.496254][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  300.507288][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  300.515934][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  300.551433][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  300.580766][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  300.601168][ T7644] loop0: detected capacity change from 0 to 7
[  300.611776][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  300.625245][ T7644] Dev loop0: unable to read RDB block 7
[  300.633967][ T7551] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  300.646638][ T7644]  loop0: AHDI p3 p4
[  300.650622][ T7644] loop0: partition table partially beyond EOD, truncated
[  300.676486][ T7644] loop0: p3 start 6514546 is beyond EOD, truncated
[  300.696111][ T4682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  300.718564][ T4682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  300.741768][ T7500] device veth0_vlan entered promiscuous mode
[  300.802991][ T7500] device veth1_vlan entered promiscuous mode
[  300.841745][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  300.851072][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  300.883551][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  300.965106][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  300.978495][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  300.993831][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.024100][ T7500] device veth0_macvtap entered promiscuous mode
[  301.091187][ T7500] device veth1_macvtap entered promiscuous mode
[  301.166121][ T7647] loop4: detected capacity change from 0 to 4096
[  301.191273][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.240919][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.288322][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.315670][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.376460][   T26] audit: type=1800 audit(1717805771.170:208): pid=7647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=34 res=0 errno=0
[  301.404434][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.450922][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.527949][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.538594][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.550460][ T7500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.571343][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.923800][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.945596][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.998047][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.013819][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.027532][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.044579][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.060264][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.080341][ T7500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.116813][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  303.125162][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  303.157171][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  303.166226][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  303.187347][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  303.200467][ T4679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  303.227747][ T7500] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.254160][ T7500] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.273498][ T7500] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.293151][ T7500] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  303.315349][ T7663] ALSA: seq fatal error: cannot create timer (-22)
[  303.546997][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  303.555154][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  303.569961][ T7551] 8021q: adding VLAN 0 to HW filter on device batadv0
[  304.858919][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.879192][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.957429][ T5263] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.965830][ T5263] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.064404][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  305.082749][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  305.097479][ T7672] loop4: detected capacity change from 0 to 128
[  305.153076][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  305.165761][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  305.213301][ T3582] Bluetooth: hci3: unexpected event 0x2f length: 763 > 260
[  305.217934][   T34] device hsr_slave_0 left promiscuous mode
[  305.247499][   T26] audit: type=1804 audit(1717805775.040:209): pid=7672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2784063830/syzkaller.H9CEXA/274/file1/file1" dev="loop4" ino=1048688 res=1 errno=0
[  305.274402][   T34] device hsr_slave_1 left promiscuous mode
[  305.314835][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.331775][   T34] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.359394][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.391572][   T34] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.392074][ T7679] loop1: detected capacity change from 0 to 1024
[  305.498501][   T34] device bridge_slave_1 left promiscuous mode
[  305.504898][   T34] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.516121][   T26] audit: type=1804 audit(1717805775.320:210): pid=7682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2784063830/syzkaller.H9CEXA/275/bus" dev="sda1" ino=1960 res=1 errno=0
[  305.565418][ T1106] hfsplus: b-tree write err: -5, ino 4
[  305.577332][   T34] device bridge_slave_0 left promiscuous mode
[  305.585760][   T34] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.606422][   T26] audit: type=1804 audit(1717805775.320:211): pid=7682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2784063830/syzkaller.H9CEXA/275/bus" dev="sda1" ino=1960 res=1 errno=0
[  305.654776][   T34] device veth1_macvtap left promiscuous mode
[  305.663606][   T34] device veth0_macvtap left promiscuous mode
[  305.673080][   T34] device veth1_vlan left promiscuous mode
[  305.690009][   T34] device veth0_vlan left promiscuous mode
[  305.808633][ T7688] loop2: detected capacity change from 0 to 256
[  305.858093][ T7688] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  306.185079][   T34] team0 (unregistering): Port device team_slave_1 removed
[  306.374693][ T7702] loop2: detected capacity change from 0 to 1024
[  306.485926][ T7685] Falling back ldisc for ptm0.
[  307.105464][   T34] team0 (unregistering): Port device team_slave_0 removed
[  307.170447][   T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  307.200888][ T7707] loop1: detected capacity change from 0 to 128
[  307.260867][ T7707] ext4: Bad value for 'auto_da_alloc'
[  307.457462][   T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  308.746520][   T34] bond0 (unregistering): Released all slaves
[  308.844320][ T3582] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260
[  308.921058][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  308.956661][ T4946] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  308.971728][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  308.989278][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  309.005003][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  309.039065][ T7551] device veth0_vlan entered promiscuous mode
[  309.081176][ T7551] device veth1_vlan entered promiscuous mode
[  309.094004][ T7721] loop2: detected capacity change from 0 to 64
[  309.155072][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  309.174952][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  309.191147][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  309.205056][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  309.223629][ T7551] device veth0_macvtap entered promiscuous mode
[  309.244711][ T7551] device veth1_macvtap entered promiscuous mode
[  309.340974][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.367841][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.386833][ T4946] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.393896][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.411522][ T4946] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  309.425120][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.442880][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.473195][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.474186][ T4946] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  309.497005][ T7732] syz-executor.4 (pid 7732) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  309.498058][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.530680][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.554821][ T7551] batman_adv: batadv0: Interface activated: batadv_slave_0
[  309.561408][ T4946] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.571012][ T7734] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.0'.
[  309.586225][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  309.602858][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  309.604317][ T4946] usb 2-1: config 0 descriptor??
[  309.627823][   T26] audit: type=1326 audit(1717805779.430:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7730 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f01ea47cf69 code=0x0
[  309.653959][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  309.687797][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  309.719862][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.742079][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.764564][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.788928][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.810568][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.848775][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.876522][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.895287][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.925904][ T7551] batman_adv: batadv0: Interface activated: batadv_slave_1
[  309.950847][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  309.970915][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  310.003202][ T7551] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.038235][ T7551] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.056437][ T7551] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.072208][ T3582] Bluetooth: hci1: unexpected cc 0x0402 length: 65 > 1
[  310.076454][ T7551] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.098502][ T4946] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  310.108976][ T4946] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  310.154544][ T4946] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  310.274430][ T7732] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)"
[  310.408332][  T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.429159][  T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.480014][ T4435] usb 2-1: USB disconnect, device number 14
[  310.503749][ T4742] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  310.536500][ T4479] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.544901][ T4479] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.603733][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  311.050791][ T7785] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  311.173192][ T7785] device bond1 entered promiscuous mode
[  311.197483][ T7789] bond0: (slave bond_slave_0): Releasing backup interface
[  311.277721][ T7789] bond1: (slave bond_slave_0): making interface the new active one
[  311.296513][ T7789] device bond_slave_0 entered promiscuous mode
[  311.305129][ T7789] bond1: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.866516][    T7] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  311.959317][ T7782] loop3: detected capacity change from 0 to 32768
[  311.968038][ T7782] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (7782)
[  311.983085][ T7782] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  311.993806][ T7782] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  312.004034][ T7782] BTRFS info (device loop3): turning on flush-on-commit
[  312.011235][ T7782] BTRFS info (device loop3): turning off barriers
[  312.018089][ T7782] BTRFS info (device loop3): doing ref verification
[  312.026466][ T7782] BTRFS info (device loop3): force clearing of disk cache
[  312.033651][ T7782] BTRFS info (device loop3): enabling disk space caching
[  312.055404][ T7803] loop4: detected capacity change from 0 to 164
[  312.061901][ T7782] BTRFS info (device loop3): turning on sync discard
[  312.068787][ T7782] BTRFS info (device loop3): using default commit interval 30s
[  312.098407][ T7782] BTRFS info (device loop3): disk space caching is enabled
[  312.108525][    T7] usb 3-1: Using ep0 maxpacket: 16
[  312.154985][ T7803] iso9660: Corrupted directory entry in block 4 of inode 1792
[  312.226611][    T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  312.237564][    T7] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  312.247367][    T7] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  312.258118][    T7] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  312.346061][ T7782] BTRFS info (device loop3): enabling ssd optimizations
[  312.346740][    T7] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  312.362587][ T7782] BTRFS info (device loop3): rebuilding free space tree
[  312.371535][    T7] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  312.379837][    T7] usb 3-1: Manufacturer: syz
[  312.379878][   T26] audit: type=1326 audit(1717805782.190:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7827 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcae0c7cf69 code=0x0
[  312.408017][    T7] usb 3-1: config 0 descriptor??
[  312.487687][ T7782] BTRFS info (device loop3): disabling free space tree
[  312.506639][ T7782] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  312.526429][ T7782] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  312.672218][ T3613] usb 3-1: USB disconnect, device number 14
[  312.826543][ T4435] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  313.001703][ T7551] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  313.222529][ T4435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  313.266912][ T4435] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  313.307741][ T4435] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  313.339478][ T4435] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.370239][ T4435] usb 2-1: config 0 descriptor??
[  313.652273][ T7853] serio: Serial port pts0
[  313.869858][ T7862] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  313.875522][ T4435] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  313.883731][ T7862] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  313.892741][ T4435] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  313.916939][ T7862] device ipvlan1 entered promiscuous mode
[  313.925778][ T7862] bridge0: port 3(ipvlan1) entered blocking state
[  313.938646][ T4435] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  313.942232][ T7862] bridge0: port 3(ipvlan1) entered disabled state
[  313.981075][ T7862] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  314.016997][ T7863] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  314.158252][ T3582] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  314.167636][ T3582] Bluetooth: hci1: Injecting HCI hardware error event
[  314.191614][ T3581] Bluetooth: hci1: hardware error 0x00
[  314.240491][   T26] audit: type=1800 audit(1717805784.040:214): pid=7849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1963 res=0 errno=0
[  314.255837][ T7866] loop4: detected capacity change from 0 to 2048
[  314.287355][ T7866] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  314.294228][ T4435] usb 2-1: USB disconnect, device number 15
[  314.379022][ T7873] fuse: Unknown parameter 'roèÌmod¶000000000000000000400'
[  314.444303][   T26] audit: type=1800 audit(1717805784.240:215): pid=7873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1945 res=0 errno=0
[  315.065874][ T7896] serio: Serial port pts0
[  315.167275][ T7901] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  315.191522][ T7901] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  315.206598][ T3613] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  315.237061][ T7901] bridge0: port 3(ipvlan1) entered blocking state
[  315.259568][ T7901] bridge0: port 3(ipvlan1) entered disabled state
[  315.298323][ T7901] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  315.348685][ T3582] Bluetooth: hci2: unexpected cc 0x0402 length: 65 > 1
[  315.378432][   T26] audit: type=1800 audit(1717805785.180:216): pid=7904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="overlay" ino=1963 res=0 errno=0
[  315.456648][ T3613] usb 2-1: Using ep0 maxpacket: 32
[  315.560471][ T7915] loop4: detected capacity change from 0 to 1024
[  315.579531][ T3613] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  315.623015][ T7915] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  315.655989][ T7884] loop2: detected capacity change from 0 to 32768
[  315.675585][ T7884] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (7884)
[  315.709761][ T7884] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  315.720959][ T7884] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  315.732532][ T7884] BTRFS info (device loop2): using free space tree
[  315.760435][ T3613] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  315.770670][ T3613] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.779146][ T3613] usb 2-1: Product: syz
[  315.783612][ T3613] usb 2-1: Manufacturer: syz
[  315.788795][ T3613] usb 2-1: SerialNumber: syz
[  315.800315][ T3613] usb 2-1: config 0 descriptor??
[  315.814686][ T3571] EXT4-fs (loop4): unmounting filesystem.
[  315.827368][ T7891] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  315.851561][ T3613] hub 2-1:0.0: bad descriptor, ignoring hub
[  315.861358][ T3613] hub: probe of 2-1:0.0 failed with error -5
[  315.911564][ T3613] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input17
[  315.962056][ T7884] BTRFS info (device loop2): enabling ssd optimizations
[  315.977071][ T7884] BTRFS warning (device loop2): can't clear the verity,compat_ro:4 feature bits while mounted
[  316.030238][ T6423] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  316.238889][ T3581] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  316.296262][ T4677] usb 2-1: USB disconnect, device number 16
[  316.296361][    C0] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  316.332778][ T7954] loop3: detected capacity change from 0 to 512
[  316.372198][ T7954] EXT4-fs (loop3): orphan cleanup on readonly fs
[  316.391579][ T7954] EXT4-fs error (device loop3): ext4_find_extent:936: inode #4: comm syz-executor.3: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0)
[  316.413027][ T7959] serio: Serial port pts0
[  316.434389][ T7954] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=-117
[  316.450513][ T7954] EXT4-fs warning (device loop3): ext4_enable_quotas:7012: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  316.466901][ T7954] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  316.473869][ T7954] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  316.508332][ T7551] EXT4-fs (loop3): unmounting filesystem.
[  316.660085][ T7966] loop4: detected capacity change from 0 to 1024
[  316.751711][ T4479] hfsplus: b-tree write err: -5, ino 4
[  316.804094][   T26] audit: type=1326 audit(1717805786.600:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7973 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcae0c7cf69 code=0x0
[  316.965399][   T26] audit: type=1800 audit(1717805786.760:218): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1964 res=0 errno=0
[  317.010538][    C1] vkms_vblank_simulate: vblank timer overrun
[  317.039238][ T1253] ieee802154 phy0 wpan0: encryption failed: -22
[  317.039294][ T1253] ieee802154 phy1 wpan1: encryption failed: -22
[  317.276422][  T152] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  317.357491][ T7999] overlayfs: failed to resolve './file2': -2
[  318.386842][  T152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.184424][  T152] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  319.197694][  T152] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  319.206854][  T152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.223945][  T152] usb 3-1: config 0 descriptor??
[  319.436545][ T3581] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  319.445692][ T3581] Bluetooth: hci2: Injecting HCI hardware error event
[  319.460522][ T3582] Bluetooth: hci2: hardware error 0x00
[  319.720414][  T152] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  319.753332][  T152] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[  319.905099][  T152] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  320.188105][  T152] usb 3-1: USB disconnect, device number 15
[  320.586500][ T8017] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  320.644386][ T8017] device bond1 entered promiscuous mode
[  320.662031][ T8018] bond0: (slave bond_slave_0): Releasing backup interface
[  320.870005][ T8018] bond1: (slave bond_slave_0): making interface the new active one
[  320.883473][ T8018] device bond_slave_0 entered promiscuous mode
[  320.910767][ T8018] bond1: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.055905][ T3581] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  321.069368][ T3581] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  321.078418][ T3581] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  321.091865][ T3581] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  321.102116][ T3581] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  321.109729][ T3581] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  321.245989][ T4479] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.459065][ T4479] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.553462][ T4479] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.681345][ T4479] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.779377][ T8037] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  321.787753][ T8037] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  321.803663][ T8037] device ipvlan1 entered promiscuous mode
[  321.823584][ T8037] bridge0: port 3(ipvlan1) entered blocking state
[  321.829397][ T8044] loop4: detected capacity change from 0 to 512
[  321.830982][ T8037] bridge0: port 3(ipvlan1) entered disabled state
[  321.896835][ T8044] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  321.927314][ T8046] overlayfs: failed to resolve './file2': -2
[  322.663096][ T8037] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  322.691311][ T8044] EXT4-fs (loop4): 1 truncate cleaned up
[  322.831732][ T8044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  322.961413][ T3571] EXT4-fs (loop4): unmounting filesystem.
[  323.187120][ T8066] loop4: detected capacity change from 0 to 4096
[  323.206609][ T3581] Bluetooth: hci2: command tx timeout
[  323.358095][ T8066] ntfs: volume version 3.1.
[  323.590024][ T8022] chnl_net:caif_netlink_parms(): no params data found
[  324.138758][ T8084] overlayfs: failed to resolve './file2': -2
[  325.195017][ T8093] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  325.209478][ T8093] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  325.228300][ T8093] device ipvlan1 entered promiscuous mode
[  325.255396][ T8093] bridge0: port 3(ipvlan1) entered blocking state
[  325.262823][ T8093] bridge0: port 3(ipvlan1) entered disabled state
[  325.272951][ T8093] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  325.296577][ T3581] Bluetooth: hci2: command tx timeout
[  325.410816][ T8022] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.434279][ T8022] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.482275][ T8022] device bridge_slave_0 entered promiscuous mode
[  325.527501][ T8022] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.538207][ T8022] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.560150][ T8100] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'.
[  325.574826][ T8022] device bridge_slave_1 entered promiscuous mode
[  325.740546][ T8022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  325.785561][ T8022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.976228][ T4479] device hsr_slave_0 left promiscuous mode
[  325.991851][ T4479] device hsr_slave_1 left promiscuous mode
[  326.039233][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  326.047693][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.070543][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.112048][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.128553][ T4479] device bridge_slave_1 left promiscuous mode
[  326.156855][ T4479] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.189008][ T4479] device bridge_slave_0 left promiscuous mode
[  326.198795][ T4479] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.248109][ T4479] device veth1_macvtap left promiscuous mode
[  326.254849][ T4479] device veth0_macvtap left promiscuous mode
[  326.263250][ T4479] device veth1_vlan left promiscuous mode
[  326.270091][ T4479] device veth0_vlan left promiscuous mode
[  326.833773][ T4479] bond1 (unregistering): Released all slaves
[  326.841353][ T8127] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'.
[  326.968080][ T8133] loop4: detected capacity change from 0 to 512
[  327.025815][ T8133] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  327.035376][ T8133] ext4 filesystem being mounted at /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/315/bus supports timestamps until 2038 (0x7fffffff)
[  327.089433][ T4479] team0 (unregistering): Port device team_slave_1 removed
[  327.108333][ T4479] team0 (unregistering): Port device team_slave_0 removed
[  327.136754][ T4479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  327.215564][ T4479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  327.358485][ T3581] Bluetooth: hci2: command tx timeout
[  328.097774][ T4479] bond0 (unregistering): Released all slaves
[  328.163604][ T3571] EXT4-fs (loop4): unmounting filesystem.
[  328.230995][ T8022] team0: Port device team_slave_0 added
[  328.284215][ T8022] team0: Port device team_slave_1 added
[  328.408223][ T8022] batman_adv: batadv0: Adding interface: batadv_slave_0
[  328.433720][ T8022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.475271][ T8022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  328.503902][ T8022] batman_adv: batadv0: Adding interface: batadv_slave_1
[  328.511220][ T8022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.711022][ T3581] Bluetooth: hci2: command tx timeout
[  329.876516][ T4946] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  329.890395][ T8022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.040818][ T8022] device hsr_slave_0 entered promiscuous mode
[  330.053229][ T8022] device hsr_slave_1 entered promiscuous mode
[  330.083117][ T8022] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  330.091365][ T8022] Cannot create hsr debugfs directory
[  330.116479][ T4946] usb 3-1: Using ep0 maxpacket: 32
[  330.316631][ T8165] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'.
[  330.446806][ T4946] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=99.d3
[  330.455906][ T4946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.515447][ T4946] usb 3-1: Product: syz
[  330.519958][ T4946] usb 3-1: Manufacturer: syz
[  330.524686][ T4946] usb 3-1: SerialNumber: syz
[  330.562650][ T4946] usb 3-1: config 0 descriptor??
[  330.576932][ T8171] loop1: detected capacity change from 0 to 512
[  330.640003][ T4946] radio-si470x 3-1:0.0: could not find interrupt in endpoint
[  330.651381][ T4946] radio-si470x: probe of 3-1:0.0 failed with error -5
[  330.653294][ T8171] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  330.784068][ T8171] ext4 filesystem being mounted at /root/syzkaller-testdir4288716594/syzkaller.eGJcwq/27/bus supports timestamps until 2038 (0x7fffffff)
[  330.830911][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  330.846537][ T4946] radio-raremono 3-1:0.0: Thanko's Raremono connected: (10C4:818A)
[  331.119449][ T4946] radio-raremono 3-1:0.0: raremono_cmd_main failed (-71)
[  331.144873][ T4946] radio-raremono 3-1:0.0: V4L2 device registered as radio32
[  331.171802][ T4946] usb 3-1: USB disconnect, device number 16
[  331.180496][ T4946] radio-raremono 3-1:0.0: Thanko's Raremono disconnected
[  331.885036][ T7500] EXT4-fs (loop1): unmounting filesystem.
[  332.018552][ T8022] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  333.340372][ T8022] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  333.393581][ T8022] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  333.451570][ T8022] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  333.869911][ T8022] 8021q: adding VLAN 0 to HW filter on device bond0
[  333.936953][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  334.006098][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  334.038124][ T8022] 8021q: adding VLAN 0 to HW filter on device team0
[  334.151345][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  334.174391][ T8197] can0: slcan on pty23.
[  334.179213][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  334.213720][ T3565] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.220984][ T3565] bridge0: port 1(bridge_slave_0) entered forwarding state
[  334.272876][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  334.297423][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  334.328026][ T3565] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.335189][ T3565] bridge0: port 2(bridge_slave_1) entered forwarding state
[  334.404853][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  334.415672][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  334.472191][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  334.516938][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  334.556229][ T4677] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  334.576592][ T8201] 9pnet_fd: Insufficient options for proto=fd
[  334.608522][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  334.617812][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  334.644782][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  334.668979][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  334.691095][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  334.712006][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  334.732493][ T4680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  334.752859][ T8022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  335.251709][ T8214] overlayfs: missing 'lowerdir'
[  335.407144][ T8211] loop4: detected capacity change from 0 to 512
[  336.052807][ T8211] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  336.090003][ T8211] ext4 filesystem being mounted at /root/syzkaller-testdir2784063830/syzkaller.H9CEXA/318/bus supports timestamps until 2038 (0x7fffffff)
[  336.330271][ T8198] loop1: detected capacity change from 0 to 32768
[  336.386511][ T8198] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (8198)
[  336.965860][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  336.980472][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  337.024910][ T8022] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.143544][ T8198] BTRFS error (device loop1): open_ctree failed
[  337.162497][ T3571] EXT4-fs (loop4): unmounting filesystem.
[  337.208790][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  337.224069][ T8229] loop2: detected capacity change from 0 to 4096
[  337.237422][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  337.278484][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  337.294685][ T4946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  337.372222][ T8022] device veth0_vlan entered promiscuous mode
[  337.387680][ T8198] can0 (unregistered): slcan off pty23.
[  337.395375][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  337.424681][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  337.440578][ T8022] device veth1_vlan entered promiscuous mode
[  337.582166][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  337.592809][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  337.619014][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  337.638824][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  337.654360][ T8022] device veth0_macvtap entered promiscuous mode
[  337.695735][ T8022] device veth1_macvtap entered promiscuous mode
[  337.771752][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.811388][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.909417][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.975511][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.070364][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.616663][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.642151][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.660471][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.713467][ T8251] overlayfs: missing 'lowerdir'
[  338.794988][ T8022] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.807345][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  338.819654][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  338.867086][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  338.984315][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  339.003892][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.043823][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.079155][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.100352][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.125253][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.188718][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.205503][ T8022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.218258][ T8022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.254264][ T8257] loop2: detected capacity change from 0 to 512
[  339.254415][ T8022] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.275821][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  339.303053][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  339.323853][ T8022] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.340740][ T8257] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  339.383371][ T8022] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.415534][ T8257] ext4 filesystem being mounted at /root/syzkaller-testdir2822852477/syzkaller.ZqIFut/97/bus supports timestamps until 2038 (0x7fffffff)
[  339.419474][ T8022] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.438632][ T8022] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.609774][ T6423] EXT4-fs (loop2): unmounting filesystem.
[  340.652552][ T3761] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.683224][ T3761] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.804604][ T8244] loop4: detected capacity change from 0 to 32768
[  340.836528][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  340.861589][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.978298][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.075266][ T3565] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  341.246771][   T26] audit: type=1326 audit(1717805811.050:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x0
[  341.502933][   T26] audit: type=1326 audit(1717805811.300:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x0
[  341.692738][   T26] audit: type=1326 audit(1717805811.490:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  341.747877][ T8284] loop4: detected capacity change from 0 to 2048
[  341.752774][   T26] audit: type=1326 audit(1717805811.490:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  341.784444][   T26] audit: type=1326 audit(1717805811.530:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  342.485570][   T26] audit: type=1326 audit(1717805811.530:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  342.550911][   T26] audit: type=1326 audit(1717805811.530:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  342.645927][ T8284]  loop4: p1 < > p4
[  342.698096][   T26] audit: type=1326 audit(1717805811.530:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  342.722051][ T8284] loop4: p4 size 8388608 extends beyond EOD, truncated
[  342.745569][   T26] audit: type=1326 audit(1717805811.530:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  342.795163][   T26] audit: type=1326 audit(1717805811.530:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f240f67cf69 code=0x7ffc0000
[  342.846431][ T3649] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  343.106618][ T3649] usb 2-1: Using ep0 maxpacket: 16
[  343.356801][ T4742] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  343.405430][ T8299] loop3: detected capacity change from 0 to 32768
[  343.414183][ T8299] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (8299)
[  343.427607][ T3649] usb 2-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  343.438726][ T3649] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.449429][ T3649] usb 2-1: Product: syz
[  343.453884][ T3649] usb 2-1: Manufacturer: syz
[  343.459328][ T3649] usb 2-1: SerialNumber: syz
[  343.470246][ T3649] usb 2-1: config 0 descriptor??
[  343.476449][ T8299] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  343.503071][ T8299] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  343.528402][ T3649] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  343.536620][ T8299] BTRFS info (device loop3): using free space tree
[  343.548449][ T3649] dvb-usb: bulk message failed: -22 (2/0)
[  343.560940][ T3649] dvb-usb: will use the device's hardware PID filter (table count: 15).
[  343.588998][ T3649] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353))
[  343.605518][ T3649] usb 2-1: media controller created
[  343.612604][ T3649] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  343.644155][ T3649] usb 2-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)...
[  343.657314][ T4742] usb 3-1: Using ep0 maxpacket: 16
[  343.662955][ T3649] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered.
[  343.688453][ T8332] cgroup: name respecified
[  343.763995][ T8299] BTRFS info (device loop3): enabling ssd optimizations
[  343.806945][ T4742] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  343.824718][ T4742] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  343.924800][ T3649] rc_core: IR keymap rc-dtt200u not found
[  344.835704][ T3649] Registered IR keymap rc-empty
[  344.842420][ T3649] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[  344.855707][ T3649] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input18
[  344.911310][ T3649] dvb-usb: schedule remote query interval to 300 msecs.
[  344.978058][ T3649] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected.
[  345.046625][ T4742] usb 3-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  345.055708][ T4742] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.069109][ T3649] usb 2-1: USB disconnect, device number 17
[  345.096409][ T4742] usb 3-1: Product: syz
[  345.100626][ T4742] usb 3-1: Manufacturer: syz
[  345.105215][ T4742] usb 3-1: SerialNumber: syz
[  345.118264][ T8352] dlm: no local IP address has been set
[  345.119097][ T4742] usb 3-1: config 0 descriptor??
[  345.133711][ T8352] dlm: cannot start dlm midcomms -107
[  345.152729][ T8022] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  345.179444][ T4742] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  345.228315][ T4742] dvb-usb: bulk message failed: -22 (2/0)
[  345.243463][ T4742] dvb-usb: will use the device's hardware PID filter (table count: 15).
[  345.262437][ T3649] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected.
[  345.301261][ T4742] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353))
[  345.324697][ T4742] usb 3-1: media controller created
[  345.342943][ T4742] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  345.372804][ T4742] usb 3-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)...
[  345.436683][ T4742] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered.
[  345.786337][ T4742] rc_core: IR keymap rc-dtt200u not found
[  345.793394][ T4742] Registered IR keymap rc-empty
[  345.810389][ T4742] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0
[  345.840775][ T4742] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input19
[  345.876891][ T4742] dvb-usb: schedule remote query interval to 300 msecs.
[  345.899961][ T4742] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected.
[  345.935933][ T4742] usb 3-1: USB disconnect, device number 17
[  345.976660][ T4742] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected.
[  346.214272][ T8372] loop3: detected capacity change from 0 to 512
[  346.255584][ T8372] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000079f)
[  346.276328][ T8372] FAT-fs (loop3): Filesystem has been set read-only
[  346.288799][ T8372] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000079f)
[  346.446484][ T4742] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  346.696743][ T4742] usb 3-1: Using ep0 maxpacket: 16
[  346.897133][ T4742] usb 3-1: unable to get BOS descriptor or descriptor too short
[  346.986456][ T4742] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  347.016492][ T4742] usb 3-1: config 1 interface 0 has no altsetting 0
[  347.206462][ T4742] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  347.215545][ T4742] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.236347][ T4742] usb 3-1: Product: syz
[  347.240558][ T4742] usb 3-1: Manufacturer: syz
[  347.245154][ T4742] usb 3-1: SerialNumber: syz
[  347.567863][ T4742] usb 3-1: bad CDC descriptors
[  347.575755][ T4742] usb 3-1: USB disconnect, device number 18
[  349.866422][ T4676] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  350.116425][ T4676] usb 3-1: Using ep0 maxpacket: 16
[  350.406717][ T4676] usb 3-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  350.420341][ T4676] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.436497][ T4676] usb 3-1: Product: syz
[  350.443975][ T4676] usb 3-1: Manufacturer: syz
[  350.451022][ T4676] usb 3-1: SerialNumber: syz
[  350.461263][ T4676] usb 3-1: config 0 descriptor??
[  350.510704][ T4676] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  350.523975][ T4676] dvb-usb: bulk message failed: -22 (2/0)
[  350.532125][ T4676] dvb-usb: will use the device's hardware PID filter (table count: 15).
[  350.558072][ T4676] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353))
[  350.573433][ T4676] usb 3-1: media controller created
[  350.583228][ T4676] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  350.600267][ T4676] usb 3-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)...
[  350.614249][ T4676] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered.
[  350.776447][ T4676] rc_core: IR keymap rc-dtt200u not found
[  350.782344][ T4676] Registered IR keymap rc-empty
[  350.793791][ T4676] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0
[  350.815285][ T4676] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input20
[  350.834530][ T4676] dvb-usb: schedule remote query interval to 300 msecs.
[  350.841743][ T4676] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected.
[  350.860031][ T4676] usb 3-1: USB disconnect, device number 19
[  350.882605][ T4676] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected.
[  351.648894][ T8390] loop2: detected capacity change from 0 to 32768
[  351.663058][ T8390] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8390)
[  351.680992][ T8390] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  351.699113][ T8390] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  351.714025][ T8390] BTRFS info (device loop2): using free space tree
[  351.753994][ T8390] BTRFS info (device loop2): enabling ssd optimizations
[  351.779215][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  351.779232][   T26] audit: type=1800 audit(1717805821.580:233): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=260 res=0 errno=0
[  351.844520][   T26] audit: type=1804 audit(1717805821.620:234): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/108/file0/file1" dev="loop2" ino=260 res=1 errno=0
[  351.876345][   T26] audit: type=1804 audit(1717805821.670:235): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2822852477/syzkaller.ZqIFut/108/file0/file1" dev="loop2" ino=260 res=1 errno=0
[  351.939758][ T6423] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  352.782003][ T8422] loop2: detected capacity change from 0 to 128
[  354.106506][ T3613] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  354.346430][ T3613] usb 3-1: Using ep0 maxpacket: 32
[  354.466543][ T3613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  354.484561][ T3613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  354.494484][ T3613] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  354.514472][ T3613] usb 3-1: New USB device found, idVendor=05ac, idProduct=024f, bcdDevice= 0.00
[  354.523664][ T3613] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.539307][ T3613] usb 3-1: config 0 descriptor??
[  355.018447][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0
[  355.025414][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0
[  355.038309][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0
[  355.045305][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0
[  355.055763][ T3613] apple 0003:05AC:024F.000D: unknown main item tag 0x0
[  355.075011][ T3613] apple 0003:05AC:024F.000D: failed to start in urb: -90
[  355.090361][ T3613] apple 0003:05AC:024F.000D: hidraw0: USB HID v0.00 Device [HID 05ac:024f] on usb-dummy_hcd.2-1/input0
[  355.237039][ T3613] usb 3-1: USB disconnect, device number 20
[  360.086376][ T3582] Bluetooth: hci4: command 0x0406 tx timeout
[  374.293729][ T3581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  374.306173][ T3581] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  374.316288][ T3581] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  374.324481][ T3581] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  374.336902][ T3581] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  374.344185][ T3581] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  375.523673][ T3582] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  375.535510][ T3582] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  375.544366][ T3582] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  375.554782][ T3582] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  375.562430][ T3582] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  375.571635][ T3582] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  376.029121][ T3581] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  376.040387][ T3581] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  376.049189][ T3581] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  376.065665][   T48] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  376.075010][   T48] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  376.088291][   T48] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  376.396743][   T48] Bluetooth: hci5: command tx timeout
[  376.889356][ T3582] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  376.901035][ T3582] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  376.909915][ T3582] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  376.917862][ T3582] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  376.929999][ T3582] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  376.939247][ T3582] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  377.676451][ T3582] Bluetooth: hci6: command tx timeout
[  378.156496][ T3582] Bluetooth: hci7: command tx timeout
[  378.477875][ T3582] Bluetooth: hci5: command tx timeout
[  378.481152][ T1253] ieee802154 phy0 wpan0: encryption failed: -22
[  378.489852][ T1253] ieee802154 phy1 wpan1: encryption failed: -22
[  378.956574][   T48] Bluetooth: hci8: command tx timeout
[  379.757965][   T48] Bluetooth: hci6: command tx timeout
[  380.236420][   T48] Bluetooth: hci7: command tx timeout
[  380.556395][   T48] Bluetooth: hci5: command tx timeout
[  381.039230][   T48] Bluetooth: hci8: command tx timeout
[  381.836674][   T48] Bluetooth: hci6: command tx timeout
[  382.321181][   T48] Bluetooth: hci7: command tx timeout
[  382.636498][   T48] Bluetooth: hci5: command tx timeout
[  383.116359][   T48] Bluetooth: hci8: command tx timeout
[  383.926361][   T48] Bluetooth: hci6: command tx timeout
[  384.396359][   T48] Bluetooth: hci7: command tx timeout
[  384.439741][   T48] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  384.451911][   T48] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  384.461993][   T48] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  384.483620][   T48] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  384.492492][   T48] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  384.500993][   T48] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  385.196388][ T3582] Bluetooth: hci8: command tx timeout
[  386.556553][ T3582] Bluetooth: hci9: command tx timeout
[  388.636335][ T3582] Bluetooth: hci9: command tx timeout
[  390.716477][ T3582] Bluetooth: hci9: command tx timeout
[  392.796409][ T3582] Bluetooth: hci9: command tx timeout
[  411.276467][ T3582] Bluetooth: hci3: command 0x0406 tx timeout
[  439.358570][   T48] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  439.369538][   T48] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  439.381894][   T48] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  439.396041][   T48] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  439.405302][   T48] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  439.413060][   T48] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  439.926576][ T1253] ieee802154 phy0 wpan0: encryption failed: -22
[  439.932907][ T1253] ieee802154 phy1 wpan1: encryption failed: -22
[  440.575204][ T3582] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  440.591626][ T3582] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  440.601159][ T3582] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  440.609425][ T3582] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  440.617949][ T3582] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  440.627051][ T3582] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  441.163943][ T3582] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  441.180138][ T3582] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  441.191984][ T3582] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  441.202674][ T3582] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  441.210363][ T3582] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  441.217735][ T3582] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  441.516390][   T48] Bluetooth: hci10: command tx timeout
[  441.930100][ T3582] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  441.942504][ T3582] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  441.953289][ T3582] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  441.965690][ T3582] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  441.974768][ T3582] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  441.982284][ T3582] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  442.716443][ T3582] Bluetooth: hci11: command tx timeout
[  443.276539][ T3582] Bluetooth: hci12: command tx timeout
[  443.596324][ T3582] Bluetooth: hci10: command tx timeout
[  443.996673][ T3582] Bluetooth: hci13: command tx timeout
[  444.796319][ T3582] Bluetooth: hci11: command tx timeout
[  445.356310][   T48] Bluetooth: hci12: command tx timeout
[  445.678479][   T48] Bluetooth: hci10: command tx timeout
[  446.076490][   T48] Bluetooth: hci13: command tx timeout
[  446.876438][   T48] Bluetooth: hci11: command tx timeout
[  447.116501][ T3582] Bluetooth: hci2: command 0x0406 tx timeout
[  447.436673][ T3582] Bluetooth: hci12: command tx timeout
[  447.756393][ T3582] Bluetooth: hci10: command tx timeout
[  448.156421][ T3582] Bluetooth: hci13: command tx timeout
[  448.956353][ T3582] Bluetooth: hci11: command tx timeout
[  449.223971][   T48] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  449.235526][   T48] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  449.247461][   T48] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  449.255497][   T48] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  449.263519][   T48] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  449.270956][   T48] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  449.516783][   T48] Bluetooth: hci12: command tx timeout
[  450.246404][ T3582] Bluetooth: hci13: command tx timeout
[  451.365063][ T3582] Bluetooth: hci14: command tx timeout
[  453.445019][ T3582] Bluetooth: hci14: command tx timeout
[  455.534993][ T3582] Bluetooth: hci14: command tx timeout
[  457.605137][ T3582] Bluetooth: hci14: command tx timeout
[  493.676422][   T28] INFO: task syz-executor.1:8355 blocked for more than 143 seconds.
[  493.684566][   T28]       Not tainted 6.1.92-syzkaller #0
[  493.696021][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  493.704767][   T28] task:syz-executor.1  state:D stack:29096 pid:8355  ppid:7500   flags:0x00004006
[  493.719763][   T28] Call Trace:
[  493.723099][   T28]  <TASK>
2024/06/08 00:19:23 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  493.726071][   T28]  __schedule+0x142d/0x4550
[  493.761586][   T28]  ? __mutex_lock+0x6b4/0xd80
[  493.772546][   T28]  ? __sched_text_start+0x8/0x8
[  493.777661][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  493.783203][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  493.831913][   T28]  schedule+0xbf/0x180
[  493.836091][   T28]  schedule_preempt_disabled+0xf/0x20
[  493.844645][   T28]  __mutex_lock+0x6b9/0xd80
[  493.863882][   T28]  ? __mutex_lock+0x53c/0xd80
[  493.874315][   T28]  ? do_ip_setsockopt+0x51d/0x3bb0
[  493.879675][   T28]  ? mutex_lock_nested+0x10/0x10
[  493.884657][   T28]  do_ip_setsockopt+0x51d/0x3bb0
[  493.916804][   T28]  ? ip_sock_set_pktinfo+0x60/0x60
[  493.922013][   T28]  ? aa_sk_perm+0x92d/0xa60
[  493.955027][   T28]  ? aa_af_perm+0x350/0x350
[  493.959655][   T28]  ? __fget_files+0x435/0x4a0
[  493.972484][   T28]  ? aa_sock_opt_perm+0x79/0x110
[  493.977547][   T28]  ip_setsockopt+0x5b/0x100
[  493.982091][   T28]  ? sock_common_recvmsg+0x240/0x240
[  493.993212][   T28]  __sys_setsockopt+0x57e/0xa00
[  494.003075][   T28]  ? __ia32_sys_recv+0xb0/0xb0
[  494.013975][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  494.020083][   T28]  __x64_sys_setsockopt+0xb1/0xc0
[  494.025154][   T28]  do_syscall_64+0x3b/0xb0
[  494.035356][   T28]  ? clear_bhb_loop+0x45/0xa0
[  494.040208][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  494.046132][   T28] RIP: 0033:0x7fc69bc7cf69
[  494.076032][   T28] RSP: 002b:00007fc69c99d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  494.101943][   T28] RAX: ffffffffffffffda RBX: 00007fc69bdb4050 RCX: 00007fc69bc7cf69
[  494.116251][   T28] RDX: 000000000000002d RSI: 0000000000000000 RDI: 0000000000000003
[  494.124276][   T28] RBP: 00007fc69bcda6fe R08: 0000000000000000 R09: 0000000000000000
[  494.161332][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  494.186314][   T28] R13: 000000000000006e R14: 00007fc69bdb4050 R15: 00007ffc194fae58
[  494.194378][   T28]  </TASK>
[  494.206366][   T28] INFO: task syz-executor.4:8362 blocked for more than 143 seconds.
[  494.214393][   T28]       Not tainted 6.1.92-syzkaller #0
[  494.236245][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  494.245237][   T28] task:syz-executor.4  state:D stack:27256 pid:8362  ppid:3571   flags:0x00004006
[  494.302012][   T28] Call Trace:
[  494.305374][   T28]  <TASK>
[  494.308413][   T28]  __schedule+0x142d/0x4550
[  494.312979][   T28]  ? __mutex_lock+0x6b4/0xd80
[  494.343052][   T28]  ? __sched_text_start+0x8/0x8
[  494.348061][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  494.353562][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  494.375310][   T28]  schedule+0xbf/0x180
[  494.402265][   T28]  schedule_preempt_disabled+0xf/0x20
[  494.407781][   T28]  __mutex_lock+0x6b9/0xd80
[  494.412403][   T28]  ? __mutex_lock+0x53c/0xd80
[  494.436252][   T28]  ? __netlink_dump_start+0x12e/0x6e0
[  494.441710][   T28]  ? mutex_lock_nested+0x10/0x10
[  494.456262][   T28]  ? netlink_lookup+0x31/0x200
[  494.461109][   T28]  __netlink_dump_start+0x12e/0x6e0
[  494.476512][   T28]  rtnetlink_rcv_msg+0xd4c/0xff0
[  494.482275][   T28]  ? rtnetlink_rcv_msg+0x1f9/0xff0
[  494.496269][   T28]  ? rtnl_dellink+0x880/0x880
[  494.501020][   T28]  ? rtnetlink_bind+0x80/0x80
[  494.505721][   T28]  ? __local_bh_enable_ip+0x164/0x1f0
[